How to protect yourself from scams: six easy ways to stay safe

Take a few moments

There are lots of different methods fraudsters will use to try to trick people into sharing their financial or personal information. What they often have in common, however, is that they will try to get you to act quickly.

For example, a scammer may phone up claiming to be from your bank’s fraud team and say your account has been compromised and you need to urgently move your money to a “safe” account, which actually belongs to the fraudster.

According to one website security company, one of the most commonly used words in phishing emails is “urgent”.

The banking trade body UK Finance runs an anti-fraud campaign called Take Five, which advises consumers to “take a moment to stop and think” before handing over any money or personal details. It says that “only criminals will try to rush or panic you … Ask yourself – could it be fake? Ask someone you trust for a second opinion.”

Beware online

Barclays recently revealed that across all the different scam types reported by its customers, 75% started on social media and tech platforms.

Online shoppers need to be particularly careful, says Lloyds bank: “Most online shopping scam reports we receive relate to things bought through Facebook or Instagram. If the seller is offering expensive goods at cut-down prices or has items that are otherwise unavailable, it’s a major red flag.”

There has also been a surge in recent years in so-called “Hi Mum” scams, where fraudsters pose as loved ones on services such as WhatsApp. Someone might get in touch pretending to be a family member and saying they need cash quickly to pay a bill because they have been locked out of their online banking after getting a new phone.

Again, try not to let the fraudsters panic you into action. Check whether the message is genuine by taking time to contact the family member using the number you have for them or via another channel. You could also test the person on the other end of the message by asking a question that only the person they claim to be would know how to answer.

Look closely

A fraudulent email may appear authentic at first glance, but on closer inspection the email address is slightly different from that of the legitimate person or company. Perhaps one letter, number or symbol has been changed.

An email or text from a scammer may also include spelling mistakes or poor grammar, because English is often not their first language.

Also be careful about clicking on a link or attachment in an email or text until you are absolutely sure it is legitimate. It could take you to a fake website or contain malware designed to steal your personal information.

Hang up

Lots of scams start with a call to your landline or mobile phone. It might be someone pretending to be from your bank or an official body, or someone trying to get you to buy or invest in something.

If you were not expecting a call and cannot be 100% sure who you are speaking to, hang up immediately and find the official phone number to call back the company or organisation if you want to speak to them.

The charity Age UK also cautions: “Be aware that scammers can keep your phone line open even after you’ve hung up. Use a different phone, call someone you know first to check the line is free, or wait at least 10 to 15 minutes between calls to make sure any scammers have hung up.”

Many phone handsets let you see the number of the person calling before you answer, but scammers can disguise their identity by mimicking an official phone number. This is known as “number spoofing”, and it can also be used to make a fake message appear in a chain of genuine text messages from a company or organisation.

However, there was some good news last week: the telecoms regulator Ofcom says phone providers must now block all calls from abroad that falsely display a UK landline number.

Screen and block

When it comes to landlines, the consumer group Which? has compiled a list of services you can use to block numbers that might be scammers or nuisance calls.

One is BT’s Call Protect, which automatically diverts calls the company believes to be problematic to customers’ junk voicemail boxes. It also lets you compile a personal list of numbers you wish to block, and you can choose to send all calls from three types of numbers – international, withheld and unrecognised – to your junk voicemail.

Call Protect is included with home phone packages at no extra cost, and Which? reckons it is much better than some BT paid-for services such as Choose to Refuse and Anonymous Call Reject, which cost £6.86 and £8.09 a month respectively.

Sky customers can use Sky Talk Shield, its personalised call screening and blocking service which is free for Sky Broadband and Sky Talk customers. TalkTalk has a similar service called CallSafe that is also free.

For mobile phones, many Android devices have built-in caller ID and spam call and text message protection. Make sure it is turned on in your phone’s settings and for any messaging apps you use, and do not answer, call back or reply to unknown numbers. Legitimate callers will leave a voicemail.

On iPhones, turn on “silence unknown callers” in your phone’s settings to stop people who are not saved in your contacts from ringing you, and turn on “filter unknown senders” in messages settings to remove texts from people you don’t know into a separate folder and stop links in their messages from working.

Also consider signing up for the Telephone Preference Service, “the UK’s only official ‘do not call’ register for landlines and mobile numbers”, although some argue it has its limitations.

Protect your computer

Make sure your desktop or laptop is properly protected.

“Generally, it’s about keeping things up to date and ensuring whatever device you use is still getting software and security updates,” says Samuel Gibbs, the Guardian’s consumer technology editor. “As long as you keep a modern device up to date, don’t install things from outside the various app stores, keep your browser up to date and avoid dodgy sites, it will be hard to hack.”

For Windows 11 PCs, keep your software up to date by regularly using Windows Update and visiting the Microsoft Store for the latest versions of apps. Also use the update service in browsers such as Chrome. Ensure the built-in Windows Security is turned on for protection against viruses. To open the app, search for it in the start menu.

For Apple devices, keep macOS up to date using Software Update and the App Store for your apps. MacOS has various built-in security systems that run in the background.

In all cases make sure you have strong passwords, and do not use the same one on more than one account.

Two-factor authentication adds an extra layer of security. You should turn it on for every service that offers it.