Never use personal details as a password, this includes; family names, date of birth, pets’ names, where you work or where you went to school. This information could be found out by fraudsters through data breaches or email hacking.
It is better to use a sentence rather than one word on its own – this will be much harder to guess.
Different websites and accounts have different requirements when it comes to setting up a password. But, to get the maximum strength, it should be at least 8-10 characters long and contain a mixture of capital and lower case letters, numbers and special characters.
You should set up a unique password for every account you have. This will prevent all of your online accounts being compromised if your password is guessed.
Never write your passwords down – especially on your phone or computer which can be hacked. You can sign up to a free, secure online password manager - 1Password, DashLane or LastPass for example - which saves all your passwords securely in one place and can even make original passwords for you.
Never give anyone your card details over the phone. The only circumstance is when you have called them (never the other way around) and you are 100% sure of who you are talking to.
When you are creating a PIN number, never use a pattern of numbers (e.g. 1234 or 4321) and never make it a number personal to you (e.g. your/a family member’s date of birth or the end of your phone number). The number should be completely random, usually it is best to use the number randomly generated by your bank when you receive the card.
Never use the same PIN number twice. If someone guesses the PIN number to one of your cards, then you are at risk of all of them being compromised.
Never write down your PIN number, especially not on your phone or online which can be stolen or hacked into.
When you are making a card payment in a shop or a restaurant, never let the card be taken out of your sight. If the sales advisor/waiter needs to take the card to the chip and PIN machine, either go with them or ask them to bring the machine to you.
Never use an ATM that looks like it has been tampered with. Some ATM skimmers can be found if you shake the card reader. The card reader and keyboard should be attached and not move around.
When you are using an ATM machine, use your other hand to shield you entering your PIN number so it is blocked from anyone lurking nearby, or any cameras that may have been set up by criminals. Also, never let yourself be distracted, some criminals will work as a team and one will try to distract you whilst the other steals your card from the machine.
If you have online banking, you can check all of your banking activity. It is important to do this on a regular basis so you will be immediately aware of any unauthorised transactions.
Be cautious on social media such as Facebook and Twitter. Change passwords regularly and set the security settings to the highest they can be. Avoid allowing personal details such as your home address/town, date of birth and email address to be visible to the general public.
Always keep your anti-virus software up-to-date and switched on. Cyber criminals can create viruses and malware that will get passed your anti-virus software, especially if it is not up-to-date. The updates are there to protect you from new and developed scams.
Phishing emails are one of the biggest online scams and it is almost definite that you will receive them if you have an email address.
There is a lot to go over with phishing scams, see our guide:
Never send your personal or bank details to anyone via email or social media messaging services. Emails and messenger apps can be hacked into and intercepted by cyber criminals.
When you are using an e-commerce site, check at the top of the page for a green padlock symbol and whether their web address starts with ‘https://’. These things will mean that the website is legitimate and safe to enter your personal and banking information.
Take care using public WiFi. Most of us have mobile phone packages with limited data, so those of us who use the internet on our phones daily will take the opportunity to save our data by using free WiFi available when out and about. The problem with this is that public WiFi is not always secure. WiFi uses radio waves which can be accessed by identity thieves and cyber criminals with a type of software. They can track what you are doing online enabling them to find out log in details, passwords and other personal information without your knowledge. If you are going to use the WiFi in a cafe, airport etc:
Check the name of the network and make sure it is the right one. Although it is not yet known to be a common issue, it would be easy for a fraudster to set up a network with a similar name in the same location in the hope that customers connect to theirs instead - letting them see your information.
Don't use public WiFi to go on websites that require your log in details, such as online banking, social networking websites and email accounts.
Check nobody is reading anything personal on your screen over your shoulder.
The first thing to remember is that any legitimate bank or organisation will never phone you and ask for any personal or bank details, even if there is a problem. Always remember this.
If you do get a call from someone claiming to be from your bank or a company/organisation you do business with, don’t give them any details and tell them you will call them back. Go online and search the bank or company’s contact details and use them – never re-dial the number that called you or any details they gave you to ring back. When you are through to the genuine company, they will tell you if there is a problem.
The fraudster might ask you to put down the phone and call your bank. Don't do this. They can stay on the line and pick up your personal and financial details through a remote listening device. Instead, find the official number for your bank from a statement or your card, and call them using a different phone - a mobile or a friend's, for example. This way the fraudster won't be able to listen in and you will be able to alert your bank to a potential threat as soon as possible.
If you cannot access another phone, be sure to hang up for at least five minutes before you dial out, or call a friend (whose voice you recognise) before making another call.
If you are contacted out-of-the-blue regarding a spurious PPI claim, contact the Claims Management Regulator, as these companies must be regulated. If you have any concerns, take their contact details and report them. The regulator has the authority to revoke licences so that dodgy firms have to cease trading, and they are also able to issue large fines.
Where to Report Fraud
If your bank/credit card has been compromised, contact your bank/card company as soon as possible to make them aware of the situation and they will advise you on the next steps to take.
You can report any kind of fraud, identity theft or cybercrime to Action Fraud UK (www.actionfraud.police.uk).
If you have received a phishing email, as well as reporting it to Action Fraud, you should click the report button at the top of the page when the email is open. This is make the email provider aware of the problem.
Fraud Protection Tip
Sign up for a credit report - you will be alerted to any financial activity in your name – try www.noddle.co.uk, it’s free.