credit card

Colin Cloud series

Staying safe online

Latest research from the credit card team at has found that many of you have fallen foul of cyber-crime, with one in ten having suffered a cyber-attack on your credit or debit card in the last year. Read our hacker top tips on how to protect yourself online below.

pin number

Colin Cloud

We’ve partnered with Colin Cloud, the forensic mind reader, to reveal how predictable we all are when it comes to our security. He has some breathtaking insights on how we give ourselves away – watch the video below and be amazed!

Easy targets

As you can see from the video, we are all guilty of using easy to guess security information – giving cyber-attackers access to hack into your life and your finances.

Our research also makes it clear just how easy it is for fraudsters. A quarter of people admitted to using the same PIN number and password for all their cards and online accounts. Over half said it was for ease of use, and the sad result is that more than £2bn has been snatched from accounts by hackers in the last year.

These things can happen seemingly anywhere. 31% of those of you who had been hacked said it happened during an online payment. 10% had their card duplicated at an ATM and 8% were hacked when making a contactless payment – so it really pays to be vigilant.

Social media is particularly appealing to fraudsters keen to find out more about their victims, and their targets are increasingly young people. Nearly 24,000 under-30s were victims of identity fraud in the UK in 2015, more than double the number in 2010. The techniques used were varied and imaginative, from supplying false add-ons to hugely popular apps such as YouTube and WhatsApp, to using uploaded photos of concert tickets to generate fakes.

Looking for a credit card?

Compare credit cards in seconds and start saving

compare now

Once bitten, twice shy

It seems though that once you’ve been hacked, you’re more likely to take steps to protect yourself. Our findings showed that nearly half (49%) of those who had been hacked in the last year now check their bank accounts more regularly. 41% said they were considering changing or had changed their bank or credit card provider, 33% now never give bank details over the phone and 29% admit to paying for more items with cash and making online transactions less frequently in a bid to avoid hacks.

Jody Baker, our head of money, said, “With so many of us shopping and banking on the internet, combined with a rise in contactless payments, it’s more important than ever to be vigilant when managing your money. It’s a good idea to regularly check your bank statements for any unusual activity as criminals often make small but regular thefts which are harder to spot than larger one-off purchases.”

Top tips from a white-hat hacker

Social networks are ideal places for online criminals intent on financial exploitation. Adrien de Beaupre should know. He’s a white-hat hacker who conducts ‘penetration testing’ services for his clients. Businesses pay him to find flaws in their cybersecurity so they can fix them before the bad guys – the black hats – exploit them for real.

“We use social media sites to leverage information about our clients,” says de Beaupre. “Information like passwords, the name of your dog, where you went to school, your date of birth – all this information is readily available, and it’s all useful.”

Attackers can also hack social media accounts directly to pose as the individual, enabling them to gain trusted access to others. These attacks are rampant. 148,000 people were the victim of identity fraud in the UK last year, and one in ten people in the UK were hacked.

Here are de Beaupre’s top six tips to help you safeguard your social media and ultimately your personal security.

Watch your images

Sharing photos can be just as dangerous as sharing textual information. That innocuous picture of your home office might yield an unexpected prize for an eagle-eyed attacker.

It is common to see photos on social media where credit cards, driver’s licences and passwords on Post-It notes were all visible on nearby desks. Seeking out these photos is a common technique when hunting for passwords and other information.

image of password

Hide your location

Depending on the social network that you use and the application and version that you use to access it, you may be sharing your location by default with your posts.

Tweeting a post about a trip you are on can reveal GPS data that can be mapped onto a service like Google Maps. It’s possible to turn off your location in many social media apps and it is worth checking them all, as you may be surprised at which ones are broadcasting your location.

Get to know your privacy settings

One of the assumptions people have is that ‘only my friends can see that’. In reality, unless users take the time to adjust their privacy settings in some social networks, they may find their information open to others whom they don’t know.

Unfortunately, many people are still blissfully unaware of their privacy settings and 50% of people canvassed in the UK said that they had not taken any steps at all to protect their privacy on the internet.


Think before you click

It’s easy to click on things without really thinking about it, and you might argue that fast-paced social media networks are even designed this way. In many cases, though, these may be malicious links inviting users to install browser fake plug-ins that can take control of your machine.

Individuals will also often share social media posts from others that end up being scams or links to malicious sites; over three quarters of scams are shared manually by social media users.

Enable two-factor authentication

Even if an attacker guesses your password, you can make it more difficult to hack by using two-factor authentication. This uses a second device to authenticate you, typically a device on your phone, which you must use to confirm access. It can seem inconvenient at first, but it’s an absolute must to give you that extra level of protection.

2 step verification
zombie accounts

Don’t forget zombie accounts

Social media accounts never die – they just get hacked and your LinkedIn account has value whether you value it personally or not.

If an attacker gains access to a social media account that you haven’t used for years, they can arguably do even more damage when impersonating you and mining your contacts because you may never know that it’s happening. So if you do have any old accounts lingering, be sure to close them down fully.

Keep yourself safe

As more and more of our lives are conducted online, it really is important to take steps to protect your personal information so as not to compromise your finances or your identity.

Keep yourself safe by following these tips and checking your statements regularly. Be sure to look out for smaller, frequent thefts as these are often more common than large ones and try to keep yourself one step ahead of cyber-attacks. It could pay off one day.

Looking for a credit card?

Compare credit cards in seconds and start saving

compare now