How could fraudsters get hold of my data?
Fraudsters often look for data on people that they can use to impersonate or defraud them.
They may research you or your colleagues, so we advise that you educate your staff about protecting their data and ensure they are fraud aware too.
What kind of data might a fraudster steal?
- Personal details, such as your name, address, date of birth and National Insurance number.
- Contact details like your mobile phone, landline, work number and email address(es).
- Memorable information used for security and passwords, such as mother’s maiden name, schools or university attended, pet names, car makes and names of family members.
- Your bank account number, sort code and card details.
- PINs, passwords, Digipass number or other login details.
Ways fraudsters might get hold of your data:
- Social media and online forums – LinkedIn, Facebook, Twitter, Instagram, Reddit – all public platforms could hold a wealth of information about you, your employees, your business and your customers.
- Your company website – if your business has a website, consider what information you include. We advise you not to put your bank details on your website, as fraudsters can use this to impersonate you or your bank.
- Competitions and quizzes – particularly those found on social media websites.
- Calling you and pretending to be a trusted organisation.
- Companies who sell your email address or phone number - always read terms and conditions when signing up for a product or service.
- Bank statements, post and paper documents. Always lock away documents that hold sensitive information and destroy them when no longer required.
- Hacking into email accounts. Ensure your IT systems are secure and be wary of using shared internet connections outside of work. Consider that your suppliers, customers and partners can also have their emails hacked. We recommend that you do not share sensitive data via email – if you need to, encrypt the information with a password.