The protection of client assets and interests is a top priority. We would like to draw your attention to the following tips to uphold your cybersecurity:

A. Protect your password and personal information

i. Please be careful not to disclose personal information, including your securities account information, account number, user name, login password or one-time password, to anyone (including your account manager) through phone calls, social media platforms, text messages or emails, or any other means.

ii. Do not save your user name and login password on any mobile device or personal belongings or allow others to use your login information.

iii. Set a strict password and change it regularly. It is recommended to change your password at least every three months.

iv. You should not use personal information that is easily accessible to others as your password, such as your name, date of birth, phone number, ID number, etc. It is recommended to use different login passwords for different accounts. This is to prevent hackers from trying different accounts with the same password after invading the device.

v. Do not enter your personal or account information on redirected suspicious websites or mobile applications.

B. Computer virus/anti-phishing email protection

i. Please properly install/update and execute anti-malware/virus software and keep them software updated. Before opening files from unknown sources, be sure to scan the files with anti-virus software first.

ii. Do not download or open hyperlinks or attachments in applications, emails and text messages from unknown sources.

iii. Pay attention to whether the sender's email name and address are authentic and beware of fake emails.

iv. Install and activate a personal firewall, and scan your computer regularly to detect whether there are malicious programs running on your computer.

v. Be careful of suspicious "pop-up ads" as the links therein may invade your electronic system through malware or steal your information by redirecting them to fake websites.

C. Keep your devices protected

i. Only browse encrypted and trustworthy web pages, and use trusted WiFi mobile networks.

ii. Do not use public computers to log in to important systems, and do not share online accounts with others that can be accessed by computers or electronic devices.

iii. Only download/log in to the Well Link Securities Trading App through the official software application store or our company’s official website.

iv. Protect the security of your electronic devices by enabling unlock screen security settings such as passwords, gestures or biometric authentication for mobile phones, tablets and computers.

v. Avoid using mobile devices with cracked (“jailbreak” or “rooting”) system firmware restrictions. Jailbreak or rooted mobile devices will increase security risks.

vi. Keep the device system and applications up to date. Updates can patch possible security vulnerabilities.

vii. Before discarding your electronic device, please delete all data in the device to avoid leakage of your personal data.

D. Others

i. Pay attention to the SMS or email reminders sent by Well Link Securities Limited (“the Company”), and check your account statements and transaction records regularly.

ii. Regularly check and update your personal information registered with the Company; you can update your personal information or corporate account information through methods approved by the Company, such as contact number, email address, correspondence address and the way to receive account statements or preferences etc. To protect your interests, you may receive a verification call/email/message from the Company confirming your instructions.

iii. The Company will not solicit customers’ sensitive personal information, including account information, user name, login password, transaction password or one-time password, through phone calls, phone recordings, emails, text messages, online hyperlinks, QR codes or attachments. If you have disclosed your password to a suspicious caller, please change your password immediately.

iv. If you receive a suspected fraudulent call or message claiming to be from the Company and have provided information to the caller, please stay calm, contact our customer service hotline immediately to verify the identity of the caller, and call the Anti-Deception Coordination Centre (ADCC) hotline 18222 for inquiries or reports to the police.

v. It is recommended to use the police’s “SCAMETER” webpage or the “CYBERDEFENDER APP” mobile application to check suspicious phone numbers, URLs or payment accounts.

For more information about internet or cybersecurity, please visit the following websites:

The "Cyber Security Information Portal" http://www.cybersecurity.hk/tc/index.php and the "InfoSec Website" http://www.infosec.gov.hk published by the "Office of the Government Chief Information Officer".