Security Centre
We work hard to ensure our clients' accounts and online dealings are as safe and secure as possible.
Have a question or wish to report fraudulent activity? Please call us on: 0117 900 9000. Mon - Fri: 08:00 - 17:00 Sat: 09:30 - 12:30 or you can email us at any time.
New scam warning: WhatsApp and social media
Adverts falsely claiming to be from HL or its founders, Peter Hargreaves and Stephen Lansdown, are promoting a private WhatsApp group for investors on social media. This is a scam.
WhatsApp and social media – Scammers have been impersonating investment experts, such as HL's founders, Peter Hargreaves and Stephen Lansdown, and promoting private WhatsApp groups for investors on social media. Victims are often encouraged to make investments in certain stocks (as described below) and can end up losing a lot of money. Anyone investing in these circumstances should proceed with extreme caution. HL does not use WhatsApp and our founders are not on social media, so anything purporting to come from HL is a scam.
Specific stock scams – Fraudsters often promote stocks with false or misleading information encouraging others to invest which, in turn, inflates share prices. They then take advantage of this and sell off their own shares for a profit, leaving victims of the scam facing potential losses. The information provided in these campaigns is not provided by HL or any affiliated person.
Risk of secondary scams – Be aware that once targeted by a scam, you're more likely to be contacted again by people claiming to be able to help you recover any losses. Never share your login credentials and be vigilant of anyone asking for your personal information or account details.
If you see an advert like this, please report it and speak to us if you have security concerns.
How to protect yourself from online threats
Are you protecting yourself the best you can?
How we protect your account
What we do to make sure your accounts are secure.
How safe are your investments?
Ways we make sure your investments are protected.
Common types of fraud
Here are three of the most common scams that HL clients might experience. Learn more about the specifics of these scams and how to protect yourself from them.
Frequently asked questions
If you have reasons to believe your details may be at risk, there are steps you can take to protect yourself from fraud. You can regularly obtain a copy of your personal credit file from one of the credit reference agencies to see which financial organisations have completed checks on your details as this would indicate they have received an application in your name. Those credit reference agencies may also be able to offer a protective registration service which will alert you whenever your details are used to apply for financial products – please note there may be a fee for this service. You should inspect your post – many organisations will send out welcome letters which should alert you if anything untoward is happening. If you believe your post is being intercepted, please contact Royal Mail who will be able to offer further guidance on how to tackle the problem. If you are an existing Hargreaves Lansdown client and experience problems with your post, please let us know.
If your personal details have been used for fraudulent purposes (for example to open an account in your name), you should make a report to Action Fraud as a victim of identity fraud. You should also contact the company who received the application directly, to inform them of the situation.
If you are experiencing difficulties logging in to the secure section of our website or are being asked to log in repeatedly at inappropriate times during a session, we would suggest clearing your internet cache. If using a Windows PC, you can do this by holding 'control' and pressing 'F5' whilst on the relevant web page.
Hopefully this will resolve the issue for you. However, if it does not, it is worth trying a more extensive reset. To do this please hold 'control' and 'shift' and then while holding these press the 'delete' key. This will open a window titled 'Clear browsing data'. If there is an option to set the time range to clear, please set that to the furthest back you can and ensure that if 'Preserve favourites website data' appears then that is not ticked. You will also then need to check that any option that mentions 'Cookies' or 'Website data' are ticked and then confirm this action with the 'Delete' or 'Clear browsing data' button at the bottom of this window. If using Safari, navigate to the privacy tab, and click 'Remove All Website Data'.
If you believe your email account has been compromised, you need to take immediate steps to secure it by resetting your password. You should use strong passwords with a variety of characters and avoid using dictionary words or real names associated with you.
If you use combinations of the same passwords across various sites, then you will have to also reset those credentials. Check your spam/junk folders for traces of any password reset requests or replies to emails which have not been sent by you, as fraudsters may have tried to launch a phishing attack to your contacts.
If you use email programs or you get your email on your phone or tablet, you will have to swap the compromised details on each device for the newly created secure password. Consider all the implications of a compromised email account – think what information a third party would be able to glean from the emails stored in your account and take action as required.
Finally, make sure you perform detailed sweeps of your device to check for any weaknesses which could have facilitated the breach of your email account.
Please remember that if you are set up for paperless service with various organisations you do business with, they will use your email address for vital communications, many of which are designed to alert you of any unauthorised activity. Contact those providers directly to check if any changes or actions have been performed in the time your email account was controlled by the fraudsters.
If you are concerned about a similar breach happening in the future and want protection going beyond strong, unique passwords, you could enquire with your email provider if they have any two-factor or two-step authentication solutions on offer for you to utilise.
The exact time and date stamp of your last login session is displayed in the top corner of the page each time you log in. This information is a good way of ensuring you are the only person using your account.
We generally suggest that you avoid public wireless networks to access your Hargreaves Lansdown account. Public Wi-Fi networks either do not require authentication at all or require a password which is the same for all its users, both of which create a playing field for fraudsters who can target unsuspecting individuals and glean precious information floating in an unsecured environment. Turn off Wi-Fi when you are not using it to prevent your device from automatically connecting to networks.
Please remember that changing your passwords regularly is one of the most effective ways to ensure the safety of your accounts. If you have accessed your Hargreaves Lansdown account in a public Wi-Fi zone, next time you are within your secure connection consider changing your password.