How to protect your finances and stay safe online

With so many different activities taking place online – from shopping and video quizzes with friends and family to virtual experiences of museums, cooking classes and art galleries – online safety is more important than ever.

Events like the coronavirus pandemic can lead to new types of scam activity. But there are plenty of things you can do to protect yourself.

How to stay safe online

There are lots of different things to consider when it comes to online security. However, in this guide, we’re going to focus on the following four areas:

1. How to keep your stored personal and banking information safe
2. How to avoid email and text scams
3. How to shop safely online
4. How to protect your data when ordering or applying online

How to protect your personal information online

Nowadays online banking and shopping are a lot more common and you’re more likely to have key information about you saved within your accounts. Lenders and businesses will typically have their own processes in place to combat hackers but it’s still important to be aware of how to better protect your personal information. Here’s a few simple steps to better protect yourself:

Regularly update your software and banking apps

One of the most straightforward ways to protect your data is by installing regular updates for every device you use. This applies to operating systems (Windows, Mac OS, iOS, Android etc.) and any antivirus or anti-malware tools.

Cyber criminals can exploit weaknesses in your software and apps to access your personal information. You should firstly make sure you are downloading apps that you know are reputable. But then you should also ensure you keep apps up-to-date on your phone or tablet to avoid being vulnerable to security threats.

Use two-factor authentication

Two-factor authentication can help to protect your accounts by requiring two security checks when you log in, providing an extra layer of protection. For example, your account could require a one-time-use code that is texted to you in addition to your password. This would help to reduce the risk of being hacked as if someone obtained your password, it would be more difficult to log in without having access to the code sent to your phone.

Banking apps typically will have two-factor authentication already set up but if you have any apps or accounts that include your personal data you may want to consider setting up two-factor authentication. You’ll be able to opt-in for certain apps by manually adjusting your security settings.

Two-factor authentication isn’t just important for protecting your financial information. Enabling it is good practice for keeping other accounts safe that store your personal information such as social media and email accounts.

Regularly update/change passwords

By regularly updating and changing your passwords, you can help to protect your account. Frequently choosing new and secure passwords can make it more difficult for someone else to guess. This also helps to minimise the risk if there is a security breach that exposes your login details. By regularly changing passwords, if your details were stolen, they would soon be out-of-date.

It’s good practice to make different passwords for the accounts you care most about. Using the same or similar password across multiple websites makes you more vulnerable to hackers as anyone who learns of one login could gain access to multiple accounts. Weak passwords; for example, your name or date of birth, could be hacked in seconds. The harder and longer your password is, the more difficult it is to hack. Cyber Aware recommend using three random words, making it even stronger by using special characters.

Beware of phishing emails

Over time, phishing emails are becoming more sophisticated and even harder to identify. Because of this, it’s important to be vigilant and scrutinise every email you receive in your inbox that requests personal or financial information.

Remember: no bank or online retailer will ever email you and ask for your financial details or your passwords.

If in doubt about the legitimacy of an email, get in touch with the supposed sender using the trusted contact details on their official website.

Spotting and avoiding coronavirus financial scams

Some forms of scam activity have increased during the coronavirus lockdown.

Sadly, fraudsters are exploiting people’s anxieties with false texts and emails. To help you, we’ve put together some advice on the most common scams currently circulating.

Coronavirus phishing emails

Phishing emails usually appear to be sent from a reputable source. However, they are fake and created to trick you into giving over personal information.

The coronavirus pandemic has led to new forms of phishing emails that can easily be mistaken for a real message. These include emails that look like they are offering advice from official government bodies, medical experts, investment firms, and workplaces.

Some things to look out for to see if these are real or not are:

• Spelling or grammatical errors – Spam emails will often contain mistakes. If an email is poorly written, it’s likely to be fake.
• Generic greetings – “Dear sir / madam” could be a clue that an email is a scam. However, more sophisticated phishing emails can pull in your name.
• Email address – Check that the email is really coming from who it says it is. Often, scammers will use a similar email address, but it may include a slightly different spelling.
• Links and attachments – Be very careful with these and only click if you are 100% sure the email is real.

If you receive an email you believe to be a phishing email do not open any attachments or links. You can simply delete the email or you can forward it on to the business they are pretending to be. For example, if you receive a phishing email about your HMRC you can report it here.

Coronavirus text scams

Fake texts are another tactic being used by coronavirus scammers.

There have been examples of scams demanding payment of a fine for breaking social distancing guidelines. This scam is particularly convincing as it appears to come from the same number as the government’s earlier legitimate coronavirus warning. Another current coronavirus scam is a message pretending to be from HMRC, promising a rebate as a ‘goodwill gesture’.

As well as fake government messages, there is also a scam circulating where people are posing as financial advisors informing you that you need to transfer money to another account.

To avoid being conned by a text scam, remember that:

• If it sounds too good to be true, it probably isn’t real – Make sure you double check the information you are being given. For example, the government and HMRC are not giving out lump sums or goodwill payments.
• HMRC and the government will never contact you and ask you to click on a link to provide information.
• You should never click on a link that asks you to transfer money, whoever the message claims to be from.

To check the legitimacy of a company or person you are dealing with, use the FCA register.

How to shop safely online

Shopping online is something many of us do regularly, and lots of us probably don’t consider financial security when we do it.

However, with many of us turning to new sites to buy products we’d normally buy in physical locations, it’s important to remember how to stay safe online.

How to check if a website is safe to buy from

Before you enter any personal details, check that a website is secure.

You can do this by looking out for:

• A padlock symbol – In your browser, you should see a padlock symbol in the address bar. That means the connection is secure.
• Https:// – Check the website address. It should begin with https:// (the ‘s’ stands for secure).
• Green address bar – Some browsers will automatically change an address bar to a green colour to represent good site security. If your browser has this feature, look out for a colour change.
• Valid certificate – Clicking on the padlock symbol will let you see information on the site certificate. You can find out who has registered the site here. If you see any warnings about the certificate, do not buy from the website.

The above things will tell you if the site is secure. However, it does not always guarantee that the business is trustworthy.

Some additional things to check are:

• Privacy policy – Having a privacy policy does not guarantee a business will follow it. However, not having a privacy policy can be a red flag.
• Contact information – You want to be able to find an address connected to a real physical location before you hand over any money.
• Reviews – Look up the company’s profile on sites such as Trustpilot or Feefo. You can also check the company’s Facebook page for reviews. Although reviews can be faked (both positive and negative), these can give you an idea of whether the quality of goods and service will match your expectation.

Use a secure internet connection when making purchases

It’s best to make purchases over your own private and secure WiFi connection.

If you’re using a public or shared WiFi connection, only connect to networks that you trust and keep looking out for the same security checks on each website.

Safe and secure credit applications

The same security principles for shopping online apply when making applications for credit – including personal loans.

In addition to looking out for site security, make sure you have researched the lender thoroughly and are confident with your choice.