Security tips for online trading

Online trading
Financial intermediaries
Cyber security

You can now easily use your computer or mobile phone to buy or sell investments like stocks, bonds and funds anywhere through the online platforms offered by your broker, bank or other financial intermediary. While trading online is convenient, you should be mindful of the associated security threats and risks. Choosing an online broker with adequate security measures in place helps protect you, but is it good enough? Your own practices of using online trading services indeed play a significant role to help protect yourself as well.

Good practices of trading online

Dos Don'ts
  • Keep a close eye on all trade documents to monitor your online account. Log on your online account regularly, or when you receive e-statement alert from your broker, to review all transactions promptly. Beware of any suspicious or unauthorised transactions
  • Set a strong password with at least 8 or more alphanumeric characters. Change it regularly and avoid recycling the same password. If your online broker provides you a security token, keep it in a safe place
  • Watch out for any unauthorised changes to your account information such as telephone number, email address and login password
  • Type the website address (URL) or use a bookmark to enter the website of your broker. Avoid access the website through hyperlink embedded in e-mail, internet search engine and suspicious pop-up window
  • Use trusted and secured computer or mobile device for online trading. Always log out website or system after finishing your trade
  • To protect your computer or mobile device, activate the auto-lock function; install reputable anti-virus, anti-spyware and anti-malware programmes and update them as and when they are released; set up a personal firewall
  • Use the latest versions of operating system, apps, software and browser. Keep software up-to-date
  • For the network functions, disable any wireless network functions (e.g. Wi-Fi, Bluetooth) not in use. Choose encrypted networks when using Wi-Fi and remove any unnecessary Wi-Fi connection settings
  • Always consider the data security and privacy when you download and install any software and apps into your computer and mobile device
  • Don't disclose the login ID and password of your online account to any person or respond to any unverified request. Intermediaries do not normally contact customers for personal information by email and do not ask customers to disclose the account password. Check with your broker if in doubt.
  • Don't store your password in computers, mobile phones or placed in plain sight, and don't use a single password for all your accounts e.g. email account or banking account
  • Don't log in your online account when there are unusual pop-up screen or window, or abnormal slow computer response, and when unexpected steps or information are required
  • Don't use public computer, or unknown and insecure network connection to access your online account
  • Don't share with other people your computer or mobile device used to access to your online account
  • Don't download and install any unknown software used to access to your online account