We take online safety and security very seriously. As technology becomes increasingly sophisticated so do the scams and methods used by fraudsters. Our website uses the latest security technologies to ensure that your details are safe but that doesn’t stop fraudsters from trying to exploit customers using email and texts, or posing as Figleaves on social media, or simply just trying to guess your password to access your account online.
Here are some tips to keep safe and secure online.
Ensure your password can’t be worked out just by finding out information about you on social media… names, pets and birthdays are too easy to guess.
Password complexity is the best defence. Use the ‘three random words’ method – making it as long as possible but easy to remember as described in this article from the UK Government's National Cyber Security Centre.
Managing multiple passwords across multiple accounts too difficult?
Most modern browsers (Google Chrome, Microsoft Edge or Firefox) have in-built password managers. They’ll suggest and store complex passwords for you. Password Managers can also be built into the operating system of your device(s) e.g. Apple Key Chain.
Search for ‘password manager’ and you’ll also find standalone password systems that you can install. Here’s a useful article from Techradar.
Avoid Phishing Scams
Phishing is a method used by cyber criminals to trick you into disclosing your personal information by clicking on fake emails or websites so they can steal something from you, like your money, your personal data or your identity. It’s more prevalent on email but there are text and chat scams too.
These emails (or SMS) look like they come from someone you know (friend, family or a retailer) but they will look suspicious and prompt you to click on links or open attachments.
It might be a scam if…
- You are being asked to enter personal information, like your bank details, username or password.
- There is a sense of urgency, like a threat or security risk to your account unless you take immediate action.
- The message is not addressed in your name and has a generic greeting like ‘Dear customer’.
- There are spelling mistakes and the sender’s email address looks suspicious.
- To spot a suspicious email address, just hover your cursor over it to check it’s legitimate.
If you suspect the message, double-check the email / SMS address against previous messages you may have received from us, and if in doubt, contact us via our website.
The golden rule is NEVER click on a suspicious link asking you to log in, change your password or provide any other personal information (even if it appears to be from a legitimate site).
Safety Online - What To Look Out For
Look for a padlock
Use only secure websites (those with HTTPS rather than HTTP in the web address).
HTTPS websites will also show a padlock icon in the top of the browser.
Check privacy settings
Make sure your privacy settings are up to date especially when it comes to social-media accounts. Ensure you are not sharing too much about yourself.
Things that seem too good to be true usually are
Think carefully when you see adverts with incredible deals. Chances are there is no dream holiday to be won if you enter your personal data and password when requested in a dodgy email.
Take control of your information
Use your right to erasure and get companies you no longer use to delete your information.
Double your protection where possible
On sensitive accounts (e.g. social media, email and financial related) enable 2Factor Authentication, Multi Factor Authentication or One Time Passwords on your accounts. It’s a bit like when you do your online banking and you need to enter a code additionally to your password to prove it is really you logging-in to your account.
What to do if you’ve received suspicious messages
Ideally, delete suspicious messages immediately. Most email services have a reporting function that allows you to mark emails as suspect at the same time as deleting them – this will seek to stop more messages from the same address getting through.
Many phishing emails include a tracking element which allows spammers to know when an email has hit a live account and has been opened, so if you have opened one, it’s likely that you’ll get more.
Never click on the links and never provide any requested information. If in doubt contact us directly via our website.
If it’s too late what next?
- 1. Report suspicious activity: https://www.actionfraud.police.uk/
- 2. Install and run anti-virus software
- 3. Change your passwords (use a browser based or standalone password manager)
Read more advice on what to do if you’ve received or responded to suspicious messages.