As the world shifts to becoming more and more online, and we rely on it to access the services and products we are normally able to get in person, it becomes equally important to stay safe and to protect our personal details.
Whether it be online banking, shopping for food, medicine, or other products if there is a transfer of funds or personal information involved then it is a target for scammers, looking to take advantage of an over-trusting approach to online use. While remaining sceptical and vigilant are the best bits of advice, there are lots of other tips that we’ve provided here for you to keep safe when it comes to using the internet.
- Staying Safe Shopping Online
- Online Banking Safety Tips
- Social Networking Safety Advice
- Buying Medication Online
- Avoiding Email Scams
- General Online Safety Tips
Staying Safe Shopping Online
As we’ve said, scammers are mainly trying to get two types of information from you with online schemes – personal information and banking details. Online shopping and banking involve both of these so it’s obviously important to be very vigilant as they are a frequent target for scammers – especially in a time when a lot more online shopping will be needed. Scamming might also just be as simple as selling you a product that they take the money for but never intend to deliver.
The best advice is to use websites of companies you already know like Amazon or an online version of a well-known high-street shop. When you search for these types of shops in Google, the first website to come up is usually the safest and almost always legitimate. Other websites might be tempting with much lower prices for the same products that you can buy on well-known sites, but when using personal details and exchanging money its best to cautious and sceptical. If you receive an email advertising an online deal, it’s safer not to click on the link in the email but to search for deal on Google – ‘phishing’ emails use this technique to direct you to an unsafe and illegitimate website.
If you really must use another type of website to buy a product there are some more tips before you exchange payment information or personal details.
1. Check the website is secure
Make sure there is a padlock symbol in the address bar and that the web address starts with https:// (the ‘s’ means secure) – this doesn’t mean that the website is legitimate, just that the connection between you and the website is secure. We have a full explanation of this part below.
2. Look for contact details and a business address
Legitimate online shops won’t hide their contact information and will make it easy for you to get in touch with them. They will also have a business address that includes a street name and isn’t just a post office box. You can also check the business is registered in the UK by searching for it on the Companies House.
3. Double check on a review site
If you’re still not sure, one of the best ways to check the legitimacy of a website is through a review site like trustpilot.com. You can search for a company and see what other people who have used their services say. Reviews work best when there are a lot of reviews (more than 50) all generally saying the same things.
4. Be careful with payments
When you make a payment make sure you never transfer money directly into a bank account and that when using PayPal that the account you’re are paying to is a business account and not a personal one. Don’t share information like banking passwords or PIN numbers as these are not needed with a payment.
5. Use one Credit Card for all your online shopping
As a final precaution you could use one credit card specifically for online payments. This way if something does go wrong the scammers won’t have access to your main bank account and you can always cancel the compromised card. If it feels wrong or too good to be true, it usually is.
Online Banking Safety Tips
Banking online has become much safer with the introduction of mobile banking and more services transitioning online, however, it’s still very important to remain wary and careful.
When banks contact you they will never ask for your passwords, PIN number or other personal information, so never give this information or follow a link from an email asking for this information. When using online banking only ever access the website by searching for the bank or set up a bookmark for it (you could ask someone you know who’s good with tech to help you do this). Also, make sure you are using a password protected, private WiFi network when you go on your banks website – hackers can see your details and passwords if you are using a public network.
More and more banks are using two-factor (or more) authentication to make sure it’s you accessing your bank account. This could be with two things you know, e.g. a password and mother’s maiden name, or two things you have, e.g. bank card and card reader, phone connected to mobile banking, or a standalone device like HSBC’s SecureKey or Barclays mobile PINsentry. These types of multi-factor authentication are the best ways for making sure your account is safe and come as standard with online banking – you can always talk to your bank about this if you’re unsure on how to set this up.
Try not to use public computers when accessing your bank account and be aware of ‘shoulder surfers’ looking at your screen. Finally, if you’re not sure on the authenticity of an email from ‘your bank’, search for your bank’s contact details online and ask them to confirm the information in the email.
Buying Medication Online
With it being harder to get prescriptions, medicines and remedies that we could normally get at our pharmacy it will be tempting to search for similar medicines online. Unfortunately, this is another opportunity for scammers to get money for products that don’t exist or don’t have any therapeutic properties.
When browsing online pharmacies, you can check if they are legitimate by clicking on the ‘Registered Pharmacy’ logo or the ‘Click to verify if this website is operating legally’. These logos should be clearly visible and direct you to the General Pharmaceutical Council website and government website (to check the company is legitimately registered) respectively.
Avoiding Email Scams
Email scammers can use sophisticated techniques to ‘phish’ information out of you, direct you to a fake website of a company that you recognise, or get you to download a virus to your computer. Scam artists and ‘phishers’ use computer programs to send thousands of emails out to random addresses, or get your address through another means, hoping that someone clicks on a link within an email or downloads and attachment.
The rule of thumb here is that if it seems too good to be true, or if you’re not sure, delete the email without opening it or any attachments. If the email address is not one you recognise or you weren’t expecting an email from the company it is possible it is a scam email. They often include links to a fake website posing as one you recognise to get you to input your login details, which they can then use themselves.
If you’re not sure about an email and it’s from a company you do have business with, the best form of action is to go to the company’s official website (by searching for it online, not by following a link in the email) and finding their contact details. You can then ring them to check if the email is a scam. Remember banks or other legitimate businesses will never ask for personal banking information over email.
Here are some simple checks to spot a scam or spam email:
- Spelling mistakes or misspellings (like using a ‘zero’ instead of an ‘o’)
- You don’t know the sender
- The ‘it seems to good to be true’ rule
- Written with a sense of urgency – if it was really urgent they would call you
- Asks to be forwarded to multiple people – scammers want to expand their network of people to scam
- Contains a virus warning – emails can’t tell if your computer has a virus
- The email is addressed to “Dear customer” or a similar non-specific greeting (although scammers can get your name too, so this is not a marker of legitimacy)
- You weren’t expecting an email from the company
- The entire text of the email is contained with an image – don’t click the image as it could be a hidden link to a fake website
Social Networking Safety Advice
Social media sites like Facebook and Twitter are great to keep in touch with friends and family, especially in these times. However, as they are places where most of us are, they are also a good target for online scammers, people trying to get personal information, and false information pushers.
The first step is to make sure your password for these sites is strong, unique, and private. We have some tips on password creation further down this page.
Social media websites have had a lot of stick in the past for making it difficult to know what of your personal information on your ‘profile’ is public for everyone to see. Generally, it’s a good idea to keep most information private or only visible to your friends. Twitter and Facebook have guides on how to do this, for other social media sites, go to ‘Settings’ and then ‘Privacy’ or ‘Security’ to find out which of your personal information is public.
General Online Safety Tips
Creating a Secure Password
The average person has 27 accounts with passwords. That’s a lot of remembering to do, and keeping them all safe is a nightmare. Identity theft from the hacking of internet accounts can happen to anyone, be warned, according to Action Fraud. One in four adults has fallen victim to identity theft – losing on average £1200 – and the UK public lost an estimated £4 billion to internet fraud in the last year alone.
These are frightening statistics and remind us of the necessity to protect all accounts by choosing (and remembering) the right types of password. So, here are our top ideas from Age Space to help choose the right passwords:
- To stop accounts being hacked passwords should be complicated.
- Never share passwords – no legitimate company or organisation will ask for passwords over email or other contact form.
- Have a different password for each account.
- Use a mixture of UPPER and lower case letters as well as numbers in each password.
- Don’t use family names or dates of birth.
- Write down the passwords in a book and make sure you keep the book safe (tell a family member where it is kept just in case).
- There is security software to help such as LastPass which keeps all passwords safe in one place.
- Finally, if you think you have been hacked, report it straight away to the relevant company or organisation and Action Fraud. Then change the password immediately.
How to check if a website is secure
To check if a website is secure – that the information you are sending to the website isn’t visible to third parties – you can make sure that there is a padlock visible in the address bar at the top of your browser. If a “Not Secure” message is there in its place you won’t be surprised to hear that this means it is not secure.
When you click on the padlock and then “View certificate” the certificate should be valid, in date, and registered to the correct address.
A further check to take is to make sure that the web address starts “https://”. The ‘s’ stands for secure and nearly all reputable websites should have transitioned to this protocol. You can check this by clicking on the address bar to show the whole address (some browsers don’t show the full address by default to make it look cleaner). Do note that a website being secure is not proof of its legality or legitimacy.
Safeguarding your home WiFI
When you first set up your home WiFi the password that you need to access the internet will be a very basic, and not a particularly secure one. Therefore, it is important to change this password to prevent unapproved people from accessing your WiFi.
As with all password, this new password should be a unique one for the router, but you also might want to make it easy to remember for when guests ask to access your WiFi. Use the tips further down this page for advice when creating a password.
To change your WiFi password the best thing to do is to search on Google “How to change *WiFi provider name* WiFi password”, swapping in your providers name, or by using the manual that is provided with your router when you first get it. Get Safe Online has walkthroughs on how to change the WiFi password for three major providers – Virgin, BT and Sky.
Virus protection for your computer/smartphone
Even if you follow all of our tips, there will always be a chance for some viruses to squeeze through, or for a download turn out to be malware. This is why we recommend installing a security software, like an anti-virus, anti-spy-ware or firewall, to boost your computer’s protection. It is also important to keep this software, as well as your computer’s operating system (e.g. Windows/MacOS), up to date.
There are a lot of options for getting a security package, some are paid while others offer free versions, however, we recommend getting a reputable brand and the best you can afford.
Three that we recommend include:
- AVG – Free AntiVirus (includes AntiVirus for Android Smartphones) and online protection. Paid packages available
- Norton – Anti-spyware, AntiVirus, Malware & Ransomeware protection. Also includes a password manager and secure VPN (hiding where you are accessing the internet from)
- McAfee – Full protection, home network security, password manager and more
Virus and malware security can also extend to your smartphone, depending on the type you have. If you have an Apple iPhone (or iPad) you will not need an AntiVirus package, however, they are still vulnerable to scam websites. It is however, worth downloading an AntiVirus software if you have an Android phone (e.g. Google, Motorola, HTC, Samsung etc) as these can be targeted by viruses.
Age Space recommends visiting Which’s page on Mobile Security Apps to work out which option might be best for you.
Age Space’s 10 Golden Rules to Follow Online
It is frightening to know that there are so many of these exploiters out there attempting to get access to our money and our private information through sophisticated techniques. However, if you follow the basic rules of remaining sceptical and cautious you can significantly improve your chances of not falling victims to these scams.
- If it seems to be good to be true, it probably is
- Check spelling and grammar (including web addresses)
- Make sure websites are secure (padlock icon and start ‘https://’)
- Check businesses on review sites
- Be wary of everything you see on social media
- Delete emails you believe are spam/scams without opening them
- Don’t follow links in dubious emails
- Be aware of pop-up messages that warn you about your computer’s security, these are more often than not scams from fake websites to get you download a fake anti-virus program which can infect your computer.
- Use the “Is this a scam” feature on the Citizen’s Advice website
- Learn more about protecting your computer on getsafeonline.org