Take me straight to:
Update your browser
Make sure your web browser is up to date. The latest versions offer the best protection against viruses and can warn you about fake websites.
Keep your software up to date
It's a good idea to install software updates as soon as they become available. Viruses take advantage of bugs, which are often fixed in the free updates that are released.
Be wary of fake emails about software updates and don't click on any links to them.
With Windows 10, you can check if your computer is up to date by going to 'Update & Security' in the 'Settings' menu.
Secunia also has a free online service that checks most common programs to see if an update is available.
Don't share personal information online
What's your mother's maiden name? The first school you went to? Your address? Birthday? Phone number?
All of this information is useful to people who want to steal your identity or break into your online banking account. If you use social networking sites like Facebook, Twitter or Instagram, make sure you're not over-sharing your personal details.
Adjust the privacy settings on each site you use so only people you trust can see what you post.
Please also remember that you must take all reasonable precautions to keep your details safe and prevent any unauthorised use of any cards and security details. If any information forms part of your security details, you should therefore make sure that you do not disclose it to anyone else – see terms and conditions that apply to your account(s) for more detail.
Don't use public wi-fi or shared computers
Avoid using online banking, e-mail, social networks or shopping sites on public wi-fi or shared computers.
Public computers often don't have adequate protection installed to prevent malware, key loggers and other malicious software that may record your log on details. Don't ask sites to 'remember' your personal information, such as usernames or account details, as they could be accessed by others later on.
If you're searching for a wi-fi connection on your own device, beware of scam wi-fi hotspots that can track your activity if you connect to them.
Dispose of paper statements securely
When it comes to your personal details, it's not just online security you need to think about.
Paper statements contain lots of information that's useful to criminals, so make sure you store them securely. Fraudsters may even search your dustbin for documents, so shred statements before throwing them away if you can.
Be alert to scams
Be wary of deals that sound too good to be true.
Criminals may contact you by email, through websites, by text or by phone with what sounds like an amazing opportunity. They can be very convincing, so it pays to be on your guard and to make sure the offer is genuine.
Signs it's a scam:
- Urgency: "Act now, before it's too late".
- Unnecessary secrecy: "Don't tell anyone".
- Easy money: "We'll pay you just for holding some money in your account".
- Big threats: "Your account has been hacked".
- Big promises: "You've won the lottery".
- A call out of the blue - did you even buy a lottery ticket?
If an attachment looks suspicious, don't open it. Don't install software unless it comes from a website you trust. If it doesn't feel right, take your time to check things over.
If you suspect that there's a problem with your online banking account, you can always call us on the number on the back of your card.
Don't fall for fake websites
Criminals use fake websites to con people into giving away passwords and bank details. The technical word for this is 'phishing'.
They're good at making their websites look realistic, but there are ways to spot a fake...
Signs it's a scam:
- Strange-looking web address.
- Poor design, typos or bad spelling.
- Asks you to do something unusual.
- No padlock in the address bar.
Security software and an up-to-date web browser can help to block fake websites.
Beware of fake emails
Along with fake websites, fake emails are another example of 'phishing'.
A scam email might encourage you to reveal personal or financial details that could be used to access your accounts. They might ask you to make a phone call or reply by email to provide security details.
If you're trying to work out whether an email is genuine, look out for a strange email address, typos / poor spelling and unusual requests. If the email says it's from HSBC, you can also call us to check.
Secure your mobile phone
Your mobile phone contains a wealth of personal information about you, including your banking details.
To stay secure, you might want to:
- Set a security PIN or use Fingerprint / Face ID to access your phone.
- Set your phone to lock automatically if you don't use it for 5 or 10 minutes.
- Avoid storing passwords or other sensitive information in your notes or messages.
- Avoid saving your home phone number and address under ‘Home’ in your contacts.
It's also wise to be on your guard for text message and voicemail scams, and think twice before tapping on any links.
If you lose your phone report it to your mobile phone provider immediately. Make a note of your phone's IMEI number (dial *#06# to get it). This will make it easier for your phone company to disable a stolen phone.
Protecting your devices
Follow these housekeeping tips to protect your devices from security threats:
- Install antivirus and anti-malware software.
- Keep anti-malware and antivirus applications up to date.
- Don't click on email links or attachments.
- Delete cookies regularly.
There’s more advice about protecting your device on the National Cyber Security Centre website
Explore more
Use the internet safely
Find out about staying secure online and the scams, risks and pitfalls to look out for.
Set strong passwords
What makes a good password? Get tips on creating one that's tough to crack, as well as advice on how to keep it to yourself.
Protect your privacy
Learn about guarding your personal information when using the internet.