No matter how sophisticated our controls are, we can’t do it alone. You have a vital role to play in ensuring the safety of your accounts. Below is a list of basic best practices when it comes to protecting yourself from fraud.
It is one of the most important principles to remember – once set up we will never ask you to divulge your full master password. If you are ever asked for your full master password on our website, by phone or by email you should stop immediately and contact us on 0117 980 9953.
Never write your passwords down or store them insecurely. If you do have to make a record of your log in details ensure these are kept somewhere secure and never store your username, master password and trading password details together. Always ensure that you are logged out after each session (use the log out button located in the top right hand corner rather than simply closing the browser).
Regularly changing your password can be one of the simplest yet most effective defences against unauthorised access to your account. TOP TIPS: You can change your password at any time by logging into your account and clicking on the ‘account settings’ tab.
Your password should be a unique mix of letters and numbers; it is widely endorsed that the best practice is not to use your personal information or common words as passwords. TOP TIPS: You could make up a sentence which is memorable to you and use it in the form of a password, using the first letters of each word and replacing some with the numbers.
With staggering numbers of malware threats being identified each day, ensuring your PC is well protected is a critical step in protecting your personal details. Ensure you have a firewall, anti-virus and anti-spyware software installed on your computer and that this is kept up-to-date. More information on choosing software to protect your PC can be found at Get Safe Online.
If you connect to the internet via a wireless network make sure you avoid those networks marked as ‘unsecured’. No matter how good your virus software and other methods of protection, if your network is not secure the information you enter into websites can be accessed by anyone looking to fraudulently obtain it. Secure networks display a padlock icon. Always make sure this is present before you log in to your Hargreaves Lansdown account.
In the age of smart phones with an app for everything, it is important to be aware that your phone, being able to do the same things as your PC, is exposed to similar risks as your home device. You should therefore apply the same safeguarding measures to your mobile devices. TOP TIPS: Make sure you maintain up-to-date software. Remember that every update aims to patch up any potential vulnerabilities identified with the previous version. Use strong passwords and make it a habit to change them regularly. Avoid public wireless networks. Public Wi-Fi networks either do not require authentication at all or require a password which is the same for all its users, making it easy for fraudsters to glean precious data. Turn off Wi-Fi when you are not using it which will prevent your device from automatically connecting to networks. Consider ‘remote wipe’ or ‘auto-wipe’ solutions: when your mobile device is lost or stolen, or has been compromised, you can remotely perform a factory reset from any computer with an Internet connection, wiping out all the data or even locking the device.
Never respond to unsolicited emails requesting your security details - Hargreaves Lansdown will never send you emails asking for your security details. Phishing emails will copy logos and styles in an attempt to appear genuine. The message may urge you to click on a link within the email which will then direct you to a ‘spoof’ website that looks like a genuine web page. The website will ask you to enter security details such as account numbers, usernames and passwords. This will give the fraudsters behind the scam full access to your accounts. Read more on what to look out for and how to protect yourself at Get Safe OnlineTOP TIPS: Examine the email for generic greetings, spelling or grammatical mistakes, and basic errors such as different fonts. You can also hover over the sender’s details and links to reveal the actual email address from which the email was sent, but be aware that fraudsters can produce a closely spoofed version of any URL or website. If you are ever in any doubt as to the authenticity of an email you should contact us by phone before clicking on any links in the email or opening any attachments.
It may sound like a cliché but if something is too good to be true, it most likely really is. The tell-tale signs of an investment scam include unexpected contact (by telephone, post or email); pressure to invest in a time-limited offer; promise of guaranteed returns and low or non-existent risks; being asked not to discuss this special offer with anyone else. Read more about the characteristics of the so called boiler room scams, and how to protect yourself on the FCA websiteTOP TIPS: Ask the person who contacted you for the name, address and the registration number, then check those details against official websites such as UK Companies House or the overseas equivalent, and check the FCA authorisation status by visiting the FCA website. If the calls persist, hang up!
Email is not a secure method of communication. Therefore you should never send us any personal or account information this way. We appreciate there may be times where it is more convenient for you to email us rather than call us so we have created a secure way you can send us a message. Simply log in to your account then click the contact us link – all the information you send us in this manner is secure.
Your identity and personal information are valuable commodities. Identity theft occurs when your personal information is used by someone else without your knowledge. You can take simple steps to protect yourself: regularly obtain a copy of your personal credit file from one of the credit reference agencies to see which financial organisations have accessed your details; be extra careful if you live in a property where other people could have access to your mail; contact the Royal Mail Customer Enquiry Line if you suspect your mail is being stolen; inform your bank, card issuer and all other organisations that you deal with immediately of a house move; ask the Royal Mail to redirect any mail from your old address to your new one; keep your documents in a safe place and report stolen documents without delay. TOP TIPS: Destroy any unwanted documents securely and check statements as soon as they arrive.
The internet can be a great source of information with websites like Scambusters, Action Fraud, Get Safe Online, Citizens Advice, FCA’s ScamSmart and Serious Fraud Office all offering good tips on how not to fall victim to scams.