Staying safe online

Here are some simple tips to help you stay safe and secure when you’re using websites and apps.

Impersonation scam awareness (June 2021)

What to look out for:

 

Were you expecting a call?
Unless you requested a callback and the person calling knows exactly what the issue was about, you should be wary of anyone claiming to be UW. Faking phone numbers or names are both possible, so if you’re not expecting the call, or you just want to reassure yourself, please hang up and call us back on the number on our website or your bill. Your security is important to us, so if it’s really us, the representative you’re talking to won’t mind you taking extra steps to confirm that you are talking to us.

Have you been asked to install software?
We will never ask you to install software on your device, especially remote access software. If someone claiming to be us does ask you to install something on your device, please hang up and call us from the number on our website or your bill immediately so we can look into this.

Only share information with us that we need
We’ve seen some scammers ask to see bank balances or payments in statements. UW will never need this information from you as we can verify payments with our own systems. If you’re ever asked to provide this information, please don’t as it can then be used to make the scam seem more realistic such as mentioning your last payment amount, or editing it to show you were refunded money you shouldn’t have, for example.

If you believe you have fallen victim to one of these scams, contact Action Fraud at actionfraud.police.uk or 0300 123 2040 immediately, and then when you feel comfortable doing so, let us know so that we can provide reassurance and the methods we have to help verify ourselves and secure your account.

The latest SMS scams (May 2021)

What to look out for:

 

Unexpected SMS messages
If you’re not expecting an SMS message, for example you’ve not placed any online orders and you receive a delivery message, check it directly on the company’s website. Don’t interact with the SMS itself, such as clicking on any links.

Mobile application downloads from unofficial sources
Applications should always be downloaded from the official app store for your phone. This could be the Google Play store, Apple Store or other vendor-specific stores. If anyone asks you to download it from another website, or to change your settings to allow the install of unknown apps: close the website, delete any downloaded files and report the SMS message by forwarding it to ‘7726’.

Links in SMS messages
Just like with our advice on phishing emails, check the domain name in the link (i.e. our website domain is www.uw.co.uk) to see where it really goes. For example, if a message mentions tracking a delivery on ‘DHL’, but the domain name in the link has another unrecognisable reference in it - it is not a legitimate DHL SMS or website link. If you’re ever in doubt, you should visit the company website directly or by using a search engine rather than clicking on the link in the SMS.

If you believe you've been a victim of an SMS scam, please follow the advice from the NCSC here.

Consider what you share on social media

Data from your profiles or posts – like email addresses, phone numbers, your date of birth and even your pet’s name – could be the key to your digital castle in the wrong hands. Never share your password or PIN, and make sure it's hard to guess. Avoid using your year of birth, or your date of birth.

Use technology to keep your computer secure

Keep all your devices protected by using a reputable antivirus software. Some software will include licences for multiple devices, including mobile phones and tablets.

Use online security when available

Wherever you can, enable two-factor authentication (sometimes known as 2FA or MFA) on your online accounts. This provides you with an extra layer of protection.

Use unique passwords

Avoid using the same password on multiple accounts. If you find it hard to remember all your passwords, use a password manager to keep track of them. Then you'll only have to remember the password for your password manager.

Always check who sent the message

Be cautious when opening attachments or clicking on links in an email you aren't expecting. It's always safer to log in to your account via a trusted method to check any notifications.

Keep up to date with your accounts

Check your bank statements, accounts credit report regularly for suspicious entries or accounts you don't recognise. There are many free options available.

Be careful of convincing stories

Be wary of anyone telling you've been a victim of fraud, either online or over the phone. Fraudsters may try this tactic to gain your personal or banking information and can sound very convincing. Fraudsters can even spoof telephone numbers; pretending to call or text from a number you trust. A legitimate business won't mind if you hang up and call a number that you trust or log into your account.

Your rubbish is another person’s opportunity

You should shred or destroy any documents that contain your personal details before you throw them away.

Keep up to date and learn more

You can find news, updates and information on the latest scams here. And if you think you are or have been a victim of fraud, report it to Action Fraud as soon as possible. Other useful sites for information about staying safe online, include: