How to stay safe online

far fa-chart-bar ["My Money"]
women on sofa on tablet

The vast majority of us use the internet on a daily basis, and couldn’t imagine life without it. We shop, bank, game, share our lives and stay in touch online. It’s great, but it’s easy to forget about online fraud.

Cybercrime statistics can be scary but a few simple actions can help to protect you, so take control and stay safe on the internet.

Visit our Latest Fraud and Scams page to watch our videos and find out more about protecting yourself against fraud and staying safe online.


3 useful online safety tips

Tip #1: Password safety is key so always use strong passwords that you never share

  • Unique passwords for each account
    It’s tempting to re-use passwords so there’s less to remember, however, if one account is hacked, then the fraudster will have access to all your other accounts too.
  • Keep it weird
    The more obscure your password, the better. A surprising number of people still use their names, date of birth, ‘qwerty’ or ‘123456’ – don’t be one of them. Make yours strong and memorable by using 3 random words. Paint a picture in your mind to help it stick, and insert special characters to make it harder to crack.
  • Never share your password
    If you suspect someone might know it, keep on top of password safety by changing it.

Tip #2: Opt-in to an extra layer of online security

Turn on two-factor authentication
Financial websites such as banks and building societies have 2 factor authentication for a good reason. It adds an extra layer of security such as being sent a text when trying to to login, which means even if someone else has got hold of your password, only you have access to your account. You can find instructions on how to do this for most popular sites using. Telesign.

Tip #3: Update your anti-virus software, browser versions and security updates

Make sure you’ve installed anti-virus software on your computer and then keep it updated.
You can set them to update automatically so you don’t even have to think about it.


These are two common internet scams you’ll want to know about…

Phishing Email Scams

What is a phishing email?

This is a type of scam where the scammer contacts you via email, often pretending to be from your bank, utility provider or a shopping website in an attempt to steal personal information. There will often be a sense of urgency.

How to spot a phishing email:

  • Check the sender email address – often this is a key giveaway as the email address doesn’t match the genuine website address or has a random sequence of numbers and letters.
  • Do they use your name or ‘Dear customer’? If they don’t use your name or personal details it’s likely they don’t know who you are.
  • Check the format, grammar and spelling. If it doesn’t look right, it probably isn’t.

What to do if you get a phishing email:

  • Don’t click on the links or download any attachments.
  • Delete it to prevent yourself from accidentally opening it in future.
  • If you want to double check, get in touch with the genuine company by looking up their contact details from a trusted source, e.g. your bank card, previous letters or their website (not the email!)
  • If you receive a suspicious email impersonating YBS, please forward it to and a specialist third party company will investigate.

Fake Websites

These are sites set up to look like genuine businesses that are offering cheap deals so they can collect payments from you, with no intention of providing the goods or services.

How to spot a fake website

  • If it looks too good to be true it probably is, so be wary of extremely cheap deals.
  • Does the site look professional? Check the format, grammar and spelling, as well as business information, small print and return policies.
  • Check independent review sites such as Trustpilot rather than the reviews on the site, as they could’ve written these themselves.
  • Check the address bar – secure sites will show a padlock symbol and the full URL will start with: https:// - the ‘s’ stands for secure.
What to do if you think a website is fake
  • Close the window down and leave the site.
  • Don’t enter any personal details, try to buy anything or download anything.
  • Don’t click on any pop-ups (a window that suddenly appears) that may have a special deal or warning to coax you into clicking.


Online safety includes your social media accounts; here are 10 social media safety tips:

  1. Passwords! Again, use unique passwords for each account and add extra security questions where you can.
  2. Check your privacy and security settings This way, you’re not sharing information beyond those you know and trust.
  3. Remove location tagging If you allow location tagging, it means that people may be able to find you in person – the same goes if you have children that use social media.
  4. Think before you share Don’t share personal info e.g. telephone number, date of birth, home address, or anything that can be used to steal your identity. Also be aware of the risks of indicating to connections when you’re going on holiday and leaving your house empty. Consider posting your holiday pics after you get back.
  5. Be selective with friend requests If you don’t know the person, don’t connect. Also, watch out for people you’ve already connected with once on any social media website, the second request could be a cloned account.
  6. Click links with caution Even those shared by a friend. If the post doesn’t sound like them or it’s out of character to share that kind of thing – avoid it. They may have been hacked. If it sounds really interesting, you can always search for it in your browser rather than following the link.
  7. Mobile passcode/fingerprint Many of us use social apps on our phones so the first barrier to your account is opening your phone. Set up a passcode or fingerprint security in case your phone gets into the wrong hands.
  8. Log off when you’re done Get into the habit of logging out between visits; this is especially important if you’re using a public computer.
  9. Don’t use social accounts to log in to 3rd party sites Set up a unique username/password for it instead, otherwise you could be sharing more data than you realise. And without unique passwords, if one account gets hacked, they all do.
  10. Avoid quizzes and games Any that require access to your profile information could be collecting your data to build spam lists and send you phishing emails.

Find out more

For more information about online safety, try these articles on Online security at YBS or
Types of Online Fraud and Scams.