Stay one step ahead of the scammers - 31 March 2020

There’s growing evidence of a spike in email and phone scammers as criminals look to seize on people’s vulnerabilities during the current coronavirus pandemic. 

Maybe you’ve received one claiming to be from organisations you would trust such as:

  • the Government asking for your bank details so money related to free school meals can be transferred;
  • HMRC stating you have a tax refund;
  • banks asking you to confirm your details;
  • emails from criminals disguising themselves as an organisation;
  • callers offering coronavirus testing kits and protective equipment; or
  • calls telling you your internet is going to be cut off in 24 hours because you’ve been hacked.

The common factor with emails is that you can only find out more if you click on a link or open an attachment. An automated call will invariably ask you to press buttons on your phone and skilled criminals on live calls can deftly convince you of their legitimacy. And that’s when the damage starts. Either by inadvertently giving criminals access to your computer or phone or, at the extreme end of the scale, emptying your bank account. 

The good news is there are some simple steps to take to ensure you stay safe and don’t fall victim to these invisible criminals. Before you take any action, pause and take a moment to consider: 

  • Is the email addressed to you personally or is it addressed to “Dear customer” or “Valued customer”?
  • Is the spelling, punctuation and grammar correct?
  • Does the email ask you to urgently verify details within a specific time limit?
  • Does the sender’s email address look legitimate?
  • Does the email look like previous emails you have legitimately had from the same organisation?
  • Does the email ask for your bank account details, online banking passwords or your PIN number and CVC code for your debit card?
  • Does the caller’s offer sound too good to be true? Then it probably is.
  • Do you actually have an existing relationship with the caller?

Agencies across the UK, and beyond, are working together providing advice on how to stay safe online. The National Cyber Security Centre has an abundance of guidance including how to spot and deal with suspicious emailstop tips for staying safe online and securing your devices. The National Crime Agency is advising people to StopChallenge and Protect and to remain vigilant against fraud. 

Action Fraud, which has reported a 400% rise in Coronavirus fraud reports, offers advice on protecting yourself from scams. The Financial Conduct Authority has published information about potential coronavirus scams, how they could affect you, and how to protect yourself.

Citizens Advice has a handy online toolkit which helps you check if something might be a scam and National Trading Standards has launched a campaign to “wash your hands of coronavirus scams”. 

You can also read our advice on these types of scams on our Your data matters web pages and if you receive any suspicious emails or phone calls you can report these to the ICO.

Remember before you open that email or proceed with a call, just take a moment – now and in the future - to consider the authenticity before you continue.

Coronavirus and personal data; what you need to know - 18 March 2020

Your personal information may not be your first thought when it comes to coronavirus, but if you’re worried, we’ve put together some information to help.

  1. Government, the NHS and other organisations will make sure you get vital public health messages via phone, email or text. You don’t need to give them your consent.
  2. You might be asked to give details about sensitive health conditions and recent travel that you think are excessive. Employers and organisations do have an obligation to protect their staff, so in some cases it can be reasonable for them to ask you if you have experienced coronavirus symptoms. But they shouldn’t be asking for more information than is necessary, and if you are concerned speak to the organisation involved.
  3. If you become ill with coronavirus, your employer might need to tell your colleagues. But that doesn’t mean they need to give out your name.
  4. If you’ve made a Freedom of Information request from a public body or made a subject access request (SAR) for your own information, you should expect delays in response. That’s because organisations are diverting their resources to help with other challenges. 

This Valentine’s day, don’t let your date steal your data! - 14 February 2020

Online dating has never been more popular, with half of 16-34-year-olds using dating apps and new sites popping up all the time. Whilst its now easier than ever to find the love of your life, online dating is not without its pitfalls, particularly where your personal data is concerned.

Some romance scammers can use online dating sites to gather personal data and steal your identity. Your name, address and date of birth provide enough information to create another ‘you’. An identity thief can use a number of tactics to find your personal information and can then use it to open bank accounts, take out credit cards and apply for state benefits in your name.

How can I protect myself from dating scams?

Keep the mystery alive

Think carefully when picking your user name – MancBen93 would give scammers a good idea of where you live and your date of birth. Avoid putting too much information on your profile.

Don’t overshare too soon

Romance scammers might ask for your address to send you gifts or your phone number so they can contact you. Always wait until you feel comfortable and have met in person before sending over any personal information.

Make sure your dating app is the one

Different dating apps will ask for different levels of personal information and some will connect with other social media apps. Make sure you know exactly how much of your personal information other users can see and that you’re happy with how much is being given away.

I think I’ve been a victim of a romance scam – what can I do?

Our guide to identity theft has more information on some of the signs to look out for and what you can do if you’ve been a victim.

You can also get more advice at:

Safer Internet Day - 11 February 2020

Happy Safer Internet Day!

This year’s theme is Free to Be, discussing how young people manage their online identity, and how the internet changes how they think of themselves and others. The day aims to highlight the fact that the internet is a great place for children and young people to express themselves. It’s also somewhere to find out more about other people who may have different views.

But it’s important that people are aware of the issues that children and young people face online. We can all play a part in making sure the internet is a safe area for everybody of whatever age to share their views.  

Lots of children can download apps, play online games and use social media sites. Most of the time they are better at this than their parents! Current research suggests that children make up a fifth of all internet users in the UK.

However, they’re using an internet that wasn’t designed with them in mind. That’s why the area of children’s privacy has become a priority area of work for us.

We have recently published our Children’s Code. The aim of this code is to protect children’s privacy online by making it clear to designers and developers they must put the best interests of their child users first

How do we expect them to do this?

The code sets out 15 standards that online services like websites, apps and games, that are likely to be used by children should meet to protect children’s privacy.

The code, which is rooted in data protection law, says that whenever children access a new website or app,  baseline privacy standards should be in place to protect their personal data and privacy by default.

The code is making its way through the Parliamentary process and we expect organisations to start implementing the standards after that. Once the code takes full effect, we’ll be able to take enforcement action against companies that fail to put our children first.

Safer Internet Day strives to make sure our children can enjoy the benefits of the internet and stay safe. And our code is a concrete step in the right direction.

In a generation from now, we will find it astonishing that children weren’t always protected in this way.

We have a section on our Online Safety pages offering practical tips about how you can help to keep your children safe online.

Updating WhatsApp on your device - 17 May 2019

On 14 May, WhatsApp announced an incident involving a spyware vulnerability on WhatsApp.

There are currently two agencies dealing with the incident, the National Cyber Security Centre (NCSC) on behalf of UK consumers and the Irish Data Protection Commission (IDPC) as the lead authority for WhatsApp under the EU GDPR.

We are currently liaising with the Irish Data Protection Commissioner to determine whether any UK users have been affected.

For anyone concerned about using WhatsApp the advice is to update your apps using standard updates from the app store as a precaution.

More detailed advice and information are available from National Cyber Security Centre (NCSC) and the IDPC.