Information on identity theft
Victim of fraud? Visit Action Fraud

How to Avoid Identity Theft Online

The majority of us spend at least a couple of hours each day online. Because we spend so much time using the internet each day, it is important that all internet users have a proper understanding of how to keep their personal information safe whilst they are online.

Online identity theft can have serious consequences for victims, so avoiding becoming a victim is a must. Online identity theft can lead to bank fraud and ongoing problems with obtaining credit (including mortgages, loans, new credit cards and even a new contract for your mobile phone. The following tips will help you to stay safe online.

Learn to spot spam emails

One of the major dangers to personal information that internet users face on a day-to-day basis are phishing emails. These are emails which are designed to look as though they come from a legitimate source, such as your bank, building society or Paypal account. They will often talk about a security breach or a transaction which you do not know about, and they may give you a link to log in with, so that you can verify the transaction or confirm your details. Clicking on one of these links is likely to take you to a website that looks just like the site that you are expecting to visit, but it is one which is designed to harvest your account information.

Look carefully at all emails before clicking on links enclosed within them. Poor spelling and grammar, and an unfamiliar writing style are all tell-tale signs of a phishing email, however more sophisticated scams look near perfect. Other tell-tale signs include an unfamiliar email address or site URL. You should be particularly vigilant about domain suffixes (.com,, .net etc). Although most of the URL may look the same as the site that you are expecting, it may be a fake site if the suffix is different.

It is always best to log into your accounts by opening a new tab and going to the legitimate site through a search engine.

Strong Passwords

If you have a large number of online accounts, do not choose the same password for every account. This could mean that if a hacker finds your log-in details for a minor account (such as a chat forum), they may then be able to use exactly the same password to log in to some of your more important accounts.

In addition to using different passwords, you should also make sure that you are using a strong password. A strong password includes uppercase and lowercase letters, as well as numbers. Make sure that your password is not on any list of common passwords (these include “password” and “qwerty”), and do not use a word which can be guessed easily by someone who knows about your life, such as the name of your cat or the name of your favourite football team. If your account provider allows it, you can also strengthen your password by adding a symbol, such as a #.

Never give out your password to anyone for any reason. If you believe that your password may have been compromised for any reason, then you should change it immediately.

Safety from Spyware and Hackers

Make sure that all of your internet devices have up-to-date security software, and that you are using it as directed. Whilst you may have security software that detects invasive programmes such as Spyware, this software will be useless if you do not run it regularly to check for updates and possible problems.

Make sure that your wi-fi password is also secure, and that it cannot be easily guessed. Unauthorised parties gaining access to your wi-fi can seriously compromise your online security. If you notice that your download rates are far higher than you were expecting or if you find that your download speeds are much slower than advertised, then there is the chance that someone else could be piggybacking on your wireless network. Contact your provider if you have concerns.

Social Media

It is very important that you stay vigilant when you are using all social media sites, because social media can offer easy pickings for people who are after your details. For example, getting your date of birth off of your profile can allow fraudsters to gain access to some of your other accounts, because date of birth is often used as a security question.

Never post personal information such as your address or phone number, and be careful about photos that you are taking which could be used to gain personal information about you. For example, if you are heading off on holiday, never take a photo of the personal information page from your password, because this contains lots of vital information which criminals could use to steal your identity.

Online Purchases

You are probably at your most vulnerable when you are making an online purchase. Any time that you are about to make a new purchase you should check that the URL starts with HTTPS (rather than just http), as this shows that your information is being sent across a secure channel.

If you are planning on making a transaction with a company that you have never purchased from before, you can check online to see whether anyone else has had a good or bad experience with them. In many cases, whether or not you proceed with the transaction has to be a judgement call based on your other knowledge about staying safe online.

If you do think that you made a purchase from an online retailer which may be unsafe, you should get in contact with your bank’s (or your credit card’s) fraud prevention department to see whether it is still possible to prevent your payment from going through. In most cases they will be able to put a stop on a transaction which you think may be a fraudulent one, so it is best to contact them as soon as possible.