How to spot and report scams
It’s tempting to take the easy route with passwords and PINs. After all, who can remember 20 different strong combinations of letters and numbers? Reusing passwords isn’t the safest idea, though, so it’s worth using certain tactics to make your passwords as secure as you can. Try to make your password as long as possible and include a mix of upper and lowercase letters, numbers and symbols to make it even more random.
Using common choices such as 'password', 'qwerty', or '123456', can make it easier for fraudsters to guess your password. Once they know it, they might log in to your email account to gain access to your banking information or social media accounts. They’re then only a step away from getting your personal details or stealing your money.
Sometimes hackers use a ‘dictionary attack’ to identify weak passwords and common passwords, which means trying thousands of common words from the dictionary as your password.
They might also use a ‘brute-force attack’ to discover more random passwords. They do this by combining words and numbers in thousands or millions of ways using special software to eventually match your chosen combination. Sites often block this before it has a chance to succeed, but you can never be too careful.
Don’t be afraid to be creative with your password. For example, you could include a full stop after the third letter or an exclamation mark before the final letter. Alongside a mix of upper and lowercase letters and numbers, these special characters make your password less predictable and therefore harder for fraudsters to figure out.
Another approach is to combine three totally unrelated words into one longer word. For example, SequinedSlothSlippers. Because there’s so many more words than individual letters and numbers, combining unusual words can create passwords that take an impossibly long time for fraudsters to crack – most aren’t nearly that patient.
Also, this type of strong password is easy to remember because it creates a funny mental image and doesn’t rely on lots of unusual characters.
Hackers know that people are creatures of habit and often use the same password across multiple online accounts. You can avoid this and keep your password safe by using the following tips:
If fraudsters can’t crack your passwords, they might try guessing the answers to your security questions, so try and create security questions that no one else could guess. This means you should avoid using information that can be found on your social media or in your family records. After all, if your secret question is ‘What is your pet’s name?’ and you have pictures of you and your dog Buster plastered all over your social media, then it won’t take long to find the answer.
Often, all it takes to avoid giving fraudsters a helping hand is to consider what information they could easily find on you. Check out the national awareness campaign Take Five for more information.
To lower the chance of a fraudster using your social media to research you, set your privacy settings on social media to include only friends and family. You’ll still get all the likes without any of the worry.
It’s a small step, but changing your privacy settings could prevent identity theft.
If you think your details could have been part of a data breach, it could be worth checking your credit rating to see if it’s been affected by applications and activity outside your control.
It could also be a good idea to learn about some of the other causes of a bad credit rating, so you know what else could have affected your score.
Forgotten your password? Watch out for sites that email your current password to you when you try to reset it. This could mean the site has an unsafe password policy and if it’s hacked, your full user login could be exposed. Secure sites make you pick a new password that contains features that make it difficult to crack.
The rules of choosing and using a secure password also apply to PINs.
Avoid using the same PIN across different cards.
Choosing strong passwords and PINs is a huge part of keeping your identity protected. The main points to remember are: