I am very concerned by the dubious-looking login hyperlink on the Central Provident Fund (CPF) website:
https://saml.singpass.gov.sg/spauth/login/eservloginpage?URL=%2FFIM%2Fs…
SingpassIDPFed%2Fsaml20%2Flogininitial%3FRequestBinding%3DHTTPArtifact%26Res
ponseBinding%3DHTTPArtifact%26PartnerId%3Dhttp%253A%252F%252Fweb.cpf.gov.sg%
252Fadfs%252Fservices%252Ftrust%26Target%3DRPID%253Dhttps%25253a%25252f%2525
2fwww.cpf.gov.sg%25252feSvc%25252fWeb%25252f%2526wctx%253Drm%25253d0%2525…
d%25253dpassive%252526ru%25253d%2525252feSvc%2525252fWeb%2525252fPortalServi
ces%2525252fWelcomePage%26NameIdFormat%3DEmail%26esrvcID%3DCPFeService&TAM_O
P=login
The hyperlink to the CPF website, https://www.cpf.gov.sg/members, is simple enough.
However, when I tried to log in to my account, I encountered the hyperlink above.
If this hyperlink is the correct one for logging in to my CPF account, then even if the CPF login hyperlink were to be diverted by spyware some day, no one would be aware of it.
CPF should make its login hyperlink simple and obvious, such as those for DBS (https://internet-banking.dbs.com.sg/IB/Welcome) and OCBC (https://internet.ocbc.com/internet-banking/). It should use something like https://www.cpf.gov.sg/login for the hyperlink.
Tan Peng Boon