How to stay safe online

The internet is a fantastic place, but it also comes with risks. Hackers, scammers, shady websites and other bad actors can try to steal your information, trick you into scams, or spread harmful content. This guide will help you stay safe and protect yourself online. Please take a few minutes to read through the advice below.

1. Create strong, unique passwords

A weak password is like leaving your front door unlocked. Protect your accounts with strong passwords:

• Use at least 12 characters (longer is better).

• Mix uppercase and lowercase letters, numbers, and symbols.

• Avoid obvious words (like "password123" or your name or birthday).

• Use a password manager (like Nordpass or 1Password) to store and create strong passwords.

• Never reuse passwords across different accounts.

Example of a strong password: Jk$2!mNp4&9z

2. Turn on two-factor authentication (2FA) on your devices

Two-Factor Authentication (2FA) adds an extra layer of security. Even if someone steals your password, they can’t log in without the second step.

How to enable 2FA:

• Go to your account settings on websites like Gmail, Facebook, or your bank.

• Turn on 2FA (also called multi-factor authentication).

• Use an authentication app (like Google Authenticator or Authy) instead of text messages if possible.

You can also enable 2FA for your Online Community account, to set this up please read through our how-to guide How to set up a Passkey and Two-Factor Authentication (2FA).

3. Watch out for scams and phishing

Scammers are crafty, they will try to trick you into giving away personal information. Phishing is when someone pretends to be a trusted company like your bank or delivery companies, friends even your own email provider to steal your data.

🔴 Signs of a scam:

• Urgent messages like "Your account is at risk!" or "You've won a prize!"

• Emails or texts with bad spelling, grammar or strange looking email addresses like paypal1@usa.com

• Links that don’t match the official website (hover over links to check!).

• Requests for your password, bank details, or to “confirm” personal details.

✅ How to stay safe:

• Never click on dodgy links in emails or messages.

• Never send money or your bank details to anyone who asks, your bank and other companies will never ask for this information.

• Verify who’s contacting you - call the company directly.

• Check website addresses - scammers use fake sites that may resemble other popular and established websites.

• Ignore "too good to be true" offers - they are scams. If someone is offering to send you something but asks you to make a small payment in order to access the product they are offering, its most definitely a scam.

4. Keep your devices and software updated

Out of date software is easy for hackers break into. Updates fix those security issues.

How to stay updated:

• Turn on automatic updates for your phone, computer, and apps.

• Update your browser (Chrome, Firefox, Edge, etc.).

• Use a supported operating system (Windows 10/11, MacOS, Android, iOS).

• Delete old apps you don’t use (they might be unsafe).

5. Browse safely

Your browsing behaviour affects your security. Not all websites are safe, and clicking the wrong thing can land you trouble.

🛑 Avoid unsafe websites:

• Look for "https://" in the address bar (not just "http://"). The “s” tells you it is secure, and look for the padlock symbol.

• Use a trusted browser (Chrome, Firefox, Edge, Safari or Opera).

• Avoid downloading random files or apps from unknown sources.

🔎 Search safely:

• Stick to trusted sources (Medical journals, major news websites, Gov.uk etc.).

• If something looks off, Google it with "scam" (e.g., "PayPal refund email scam").

6. Protect your personal information

Don’t overshare online - scammers and hackers can use your details to scam or impersonate you.

Be careful with:

• Your full name, address, and phone number.

• Your birthday - it helps hackers guess passwords.

• Your workplace and travel plans - don’t announce vacations publicly.

• Your financial details - don’t share your card or account details online.

Privacy tips:

• Set social media accounts to private.

• Use a nickname or username instead of your full name on public sites.

• Don’t post sensitive photos (like Passports, IDs, boarding passes, or work badges).

7. Be cautious with public Wi-Fi

Public Wi-Fi is convenient but not secure. Anyone nearby can snoop on your activity.

Stay safe on public Wi-Fi:

• Avoid logging into bank accounts or shopping sites.

• Use a VPN (Virtual Private Network) if you need to access important accounts.

• If possible, use mobile data instead, but watch out for roaming charge if you’re abroad.

8. Check if your data has been compromised

Sometimes, you don’t know your information has leaked until it’s too late. Be proactive.

Here’s how to check:

• Use haveibeenpwned.com to see if your email or passwords have been leaked in known data breaches.

• Regularly check your credit report for unusual activity, signs someone may be using your details without your permission.

• If anything looks odd like accounts you don’t recognise, report it immediately.

You can check your credit history on:

• Experian | Credit Scores, Reports & Credit Comparison

• ClearScore | Your credit score & report. For free. Forever.

9. Secure your email and messages

Your email is a gateway to all your accounts. If a hacker gets into your email, they can reset your passwords and take over everything.

How to secure your email:

• Use 2FA on your email account.

• Don’t open suspicious attachments or links.

• Use separate emails for different things (e.g., one for banking, one for social media).

• Don’t forward chain emails (they often spread misinformation or scams).

10. Be smart about online shopping

Fake shops and scam websites are everywhere. Don’t hand over your card details without checking the site properly.

How to shop safely:

• Only shop from trusted sites.

• Check reviews before buying from a new store.

• Use secure payment methods (PayPal, credit card, not bank transfers).

• If a deal seems too good to be true, it probably is.

11. Recognise and avoid misinformation

Not everything you see online is true. Scammers rely on panic and confusion.

How to check facts:

• Cross-check with trusted news sources (BBC, NHS, Gov.uk, Reuters, etc.).

• Be skeptical of viral posts with shocking claims or sensationalist headlines.

• Fact-check websites can help verify stories.

Useful sites for staying safe online

• https://www.staysafeonline.org/ - National Cyber Security Alliance

• https://www.ncsc.gov.uk/cyberaware/home - UK Government - National Cyber Security Centre

• https://www.getsafeonline.org/ - Practical online safety advice

• https://www.scamvoid.net/ - Check website reputation and safety

Need more help?

If you have any trouble using these shortcuts, feel free to ask for help in the Online Community or submit a request through our Service Desk.

 Related articles