Cyber crime
Several million cases of fraud and of computer misuse are reported to the police every year. It's staggering, but even more staggering is that so many of those crimes could have been prevented by making a few small changes in online behaviour.
To avoid becoming a victim of online crime you don’t need to be a computer expert. Developing a few good online habits drastically reduces your chances of becoming a victim of cyber crime, makes you less vulnerable and lets you use the web safely.
Visit Cyber Aware for step-by-step instructions on keeping your devices up-to-date with the latest security updates, and for more online security advice.
Online fraud, also known as cyber crime, covers all crimes that:
- take place online
- are committed using computers, or
- are assisted by online technology
How to reduce your chances of becoming a victim
- try using three unrelated words, eg fishbooktable; and think of three different words for each account, so if one is compromised the others are safe
- never give personal or sensitive details out online or over email
- make sure all devices have up-to-date anti-virus software and a firewall installed
- keep software and apps regularly updated
- only download from legal, trusted websites
- only open emails and attachments from known and trusted sources
- only ever use websites that start with https://, however make sure that you're on the correct site by sense-checking the full website address
- avoid using public WiFi hotspots that are not secure, use your 3/4G data. If you have no choice but to use Public WiFi, then only use it with a Virtual Private Network enabled on your device
- regularly back up your data
- control your social media accounts – regularly check your privacy settings and how your data is being used and shared
- be cautious of internet chats and online dating – there’s no guarantee you’re speaking to who you think
- be extremely cautious if you’re asked for money
Email and text scams
Be careful when opening emails and texts, especially if you don't know the sender. If an email or text is unexpected or seems unusual, even if it’s from someone you know, ignore it and contact the sender directly to check if they sent it.
Your bank, the police and reputable companies will never ask for sensitive or financial details via email, phone or text.
To protect yourself from scams, known as 'phishing':
- don’t open attachments or click on links in emails or texts from senders you don’t know
- never give out personal information, financial details or passwords in response to an email, when you receive an unexpected phone call or in response to a text message
- set up spam filters on all of your accounts
- don’t respond to emails or texts from unknown sources
- always go to a website directly, by typing out the address yourself, when logging into an account
Social networking
Social networks are a great way of keeping in touch with friends and family, but be careful about how much personal information you share.
Once you post or share something on any social media platform it’s out of your control and could be shared and used by others, even if you delete it.
Make sure you:
- set your privacy settings to the highest level and check them regularly as updates can affect settings
- don’t add or accept ‘friend’ requests from people you don’t know
- where possible, block apps and social media sites from tracking and showing your location, to stop people you don’t know from following you
- think carefully about the images, videos and content that you share
- remember that if you wouldn’t do or say it in the real world, don’t do it online
How to spot a fake website
If an online offer looks too good to be true, it probably is. To help spot a fake site:
- sense check the domain name
- are the prices too good to be true?
- never pay by bank transfer – legitimate sites will accept payment via usual methods, such as bank card and PayPal
- read the terms and conditions, and policies, to check they're clear and fair
Back up your data
Ransomware is a type of malicious software that threatens to publish the victim's data or perpetually block access to it unless they pay a ransom.
Regularly back up all your documents and photos in at least one other place to minimise the risk of losing everything if you get a ransomware virus. You can back up data onto:
- a USB stick
- an external hard drive, making sure that the drive isn't connected at all times, as ransomware can infect devices connected to your network
- a cloud server, making sure that the password you use for cloud servers and backups is a strong password and one you don't use anywhere else
Tips for parents and guardians
The internet lets children connect with friends and learn new things. But there are also dangers to going online, and children can be particularly vulnerable.
Talking to your child is one of the best ways to keep them safe online. By understanding the risks and keeping yourself up-to-date on the latest technology, websites and social networks you can help your child enjoy the internet safely and securely.
To help protect your children online:
- keep computers and games consoles in family rooms where you can monitor activity
- install parental control software or activate parental controls through your Internet Service Provider (ISP) to prevent access to inappropriate content
- ‘friend’ or ‘follow’ your child on social networks, so you can see how they're using them
- check age restrictions for websites or social networks to make sure your children are allowed to join
- advise your child not to post personal information or any images they wouldn’t want everyone to see
- check their social media accounts’ privacy settings, so their posts are only seen by friends and their location isn’t tracked
- avoid using webcams unless talking to close friends or family, and consider covering it when not in use
- monitor how your children use the internet and watch for any secretive behaviour
- encourage your child to be open about what they do online and who they’re talking to
- insist you go with them if they wish to meet online friends
- ensure the games your children play online are age appropriate
Report cyber crime
If you are currently being subjected to a live and ongoing cyber-attack then please contact us on 101.
If you suspect you’ve been scammed, defrauded or experienced cyber crime, the Action Fraud team can also provide the help, support and advice you need.
Call Action Fraud on 0300 123 2040 (textphone 0300 123 2050).
Further advice and support
We recommend you check your privacy settings and stop people following you that you don’t know on Facebook.
You should also check your privacy settings on Twitter, Instagram and Snapchat.
Action Fraud – the UK's national fraud and cyber crime reporting centre
Cyber Aware – essential advice on protecting yourself online
National Cyber Security Centre – helping to make the UK safer to live and do business in the UK
National cyber resilience centre group - a policing-led, not-for-profit organisation, protecting businesses from cyber-related crime
Help for businesses
The Cyber Resilience Centre for the South East supports and helps protect small and medium sized enterprises, supply chain businesses and third sector organisations against cyber crime.
They can help provide security awareness training, vulnerability assessments and other guidance around protecting yourself.
Cyber Security For Business: Threats you must address in 2025
NatWest Online Webinars:
08 October 2025 - Fraud Unmasked - Protecting Your Business | NatWest Business
16 October 2025 – Fraud & Cyber Unmasked – in partnership with AJ Gallagher | NatWest Business
21 October 2025 - Fraud Unmasked - Protecting Your Business | NatWest Business
12 November 2025 - Fraud Unmasked - Protecting Your Business | NatWest Business
HSBC Online Webinars
Fraud & Cyber Awareness: Prepare | Contain | Recover: Real-World Cyber Attacks & Practical Play Book for Business Resilience:
22/10/25 10:00am: Webinar Registration - Zoom
22/10/25 10:00am: Webinar Registration - Zoom
Cyber fraud
It is estimated that at least 84% of fraud reported nationally is cyber-enabled. By using ICT, it allows criminals to target a much bigger audience.
If you have been a victim of a cyber scam or fraud, you can report it to Action Fraud.
If you have been a victim of cyber fraud and the crime is in progress or it involves a vulnerable victim you should report directly to the police either by calling 101 or 999 (if it's an emergency).
Below are some guides that have been created to help business, organisations and charities to help protect themselves from cyber crime.
The Little Book of Cyber Scams guide has been created by the Metropolitan Police Service to offer advice to individuals and small enterprises on how to stay safe in the cyber world.
The Small Business Guide contains information around the most common cyber attacks. The advice in this guide will help significantly increase your protection from the most common types of cyber-crime.
The Cyber Security Toolkit for Boards helps board members understand cyber security which is central to an organisations health and resilience.
Phishing Attacks: Defending Your Organisation shows how organisations can help defend themselves against malicious emails and other phishing.
Password Policies is key to keeping yourself and your information safe.
Digital Confidence Training
Digital Confidence Training
FREE in-person three and a half hour training session for anyone who wants to increase their own digital confidence or help support others.
Digital Confidence Training Tickets, Tue, Nov 25, 2025 at 10:00 AM | Eventbrite
Online Safety
Empower Yourself: Online Safety for Beginners
Become cyber-resilient with this engaging, non-technical webinar designed to empower you and your loved ones to stay safe from cyber-crime.
Safeguarding Humanity: Dangers of AI
Safeguarding Humanity: Dangers of AI Tickets, Tue 21 Oct 2025 at 19:00 | Eventbrite
Join this engaging and interactive session to explore how AI has transformed our world, the threat landscape and how you can use it safely.
The Digital Dilemma: Keeping Children Safe Online:
Protect yourself and your family with this engaging session designed to help your loved ones thrive in the digital age.
The Digital Dilemma: Keeping Children Safe Online Tickets, Sun, Oct 5, 2025 at 10:30 AM | Eventbrite
The Digital Dilemma: Keeping Children Safe Online Tickets, Wed, Oct 15, 2025 at 1:00 PM | Eventbrite
The Digital Dilemma: Keeping Children Safe Online Tickets, Mon, Oct 20, 2025 at 8:00 PM | Eventbrite
Keeping Children Safe Online Tickets, Tue, Oct 21, 2025 at 10:30 AM | Eventbrite
The Digital Dilemma: Keeping Children Safe Online Tickets, Wed, Oct 22, 2025 at 8:00 PM | Eventbrite
Cyber Choices for Parents & Carers: Safeguarding Against Cybercrime:
Learn how to help your children avoid cyber offending at our event "Cyber Choices for Parents & Carers: Safeguarding Against Cybercrime"!
Help for charities
Protect Your Purpose - Cyber Security For Charities Tickets, Mon 20 Oct 2025 at 14:00 | Eventbrite
An engaging webinar designed to support the Charity sector in managing Cyber risks. The session is appropriate for employees and managers.
Other types of cyber crime
Hacking
Hacking is when a criminal gains unauthorised access to a computer system. This is usually over the internet. It could be a computer at a business, a bank, or your own personal device at home.
Once a hacker gains entry to a system they can do anything a real user can. They may steal sensitive information or install malicious software. They could even access online bank accounts.
Ways to protect yourself from hackers
- Use strong passwords. Make your passwords as difficult to guess as possible.
- Use Two Factor Authentication (2FA). This provides an extra security check when logging into online accounts.
- Keep your software up to date. This can prevent hackers exploiting security issues found in applications.
- Use a firewall. Firewalls protect one computer network from another by only allowing certain communications. Most computers with Windows or Mac OS come with a software firewall installed. Make sure it is on.
You can check if your email address or password has been exposed online on the ‘Have I Been Pwned’ website.
Malware
Malware is short for malicious software. It refers to programs created to damage or gain unauthorised access to our devices. These programs can then disrupt normal operation or steal information.
Different types of malware include:
- computer viruses, including ‘worms’ or ‘trojans’
- ransomware - a type of malware that makes data or systems unusable until the victim makes a payment
- keyloggers, which attempt to steal passwords or credit card information
Malware can get into a computer or device via:
- contaminated email attachments
- infected websites
- corrupted memory sticks, floppy disks, DVDs, CDs, cameras or networks
Ways to protect against malware
- Use antivirus software and keep it up to date.
- Only open email attachments from trusted sources. Check with them if you are unsure about something before opening it.
- Back up your data regularly and keep copies in a safe place.
- Use a firewall.
- Don’t connect any unknown devices to your computer.
Denial of Service (DoS) attack
A DoS attack makes a website or other internet-based service unavailable. The attacker sends a huge number of requests to the site or service at once, causing it to crash. Attacks from more than one computer are 'distributed denial of service (DDoS)'.
Most victims of DoS attacks are high-profile organisations. This includes multinationals, government agencies, banks and other financial institutions.
DoS attacks in themselves do not cause damage. When the attack stops, things generally return to normal. Instead, they can cause loss of business or reputational damage.
Possible signs of a DoS attack
If you are running a website or internet service, typical signs of a DoS attack are:
- your website becomes very slow or unavailable
- you are receiving a dramatic increase in spam emails
What to do if you experience a DoS attack
If you believe an active attack is occurring on your system or service, you should:
- contact your internet service provider, as well as your web host, to make them aware
- report it to Action Fraud
Visit the National Cyber Security Centre for detailed guidance on DoS.
Report cyber crime
If you are currently being subjected to a live and ongoing cyber-attack then please contact us on 101.
If you suspect you’ve been scammed, defrauded or experienced cyber crime, the Action Fraud team can also provide the help, support and advice you need.
Call Action Fraud on 0300 123 2040 (textphone 0300 123 2050).
Other types of cyber crime (1)
Hacking
Hacking is when a criminal gains unauthorised access to a computer system. This is usually over the internet. It could be a computer at a business, a bank, or your own personal device at home.
Once a hacker gains entry to a system they can do anything a real user can. They may steal sensitive information or install malicious software. They could even access online bank accounts.
Ways to protect yourself from hackers
- Use strong passwords. Make your passwords as difficult to guess as possible.
- Use Two Factor Authentication (2FA). This provides an extra security check when logging into online accounts.
- Keep your software up to date. This can prevent hackers exploiting security issues found in applications.
- Use a firewall. Firewalls protect one computer network from another by only allowing certain communications. Most computers with Windows or Mac OS come with a software firewall installed. Make sure it is on.
You can check if your email address or password has been exposed online on the ‘Have I Been Pwned’ website.
Malware
Malware is short for malicious software. It refers to programs created to damage or gain unauthorised access to our devices. These programs can then disrupt normal operation or steal information.
Different types of malware include:
- computer viruses, including ‘worms’ or ‘trojans’
- ransomware - a type of malware that makes data or systems unusable until the victim makes a payment
- keyloggers, which attempt to steal passwords or credit card information
Malware can get into a computer or device via:
- contaminated email attachments
- infected websites
- corrupted memory sticks, floppy disks, DVDs, CDs, cameras or networks
Ways to protect against malware
- Use antivirus software and keep it up to date.
- Only open email attachments from trusted sources. Check with them if you are unsure about something before opening it.
- Back up your data regularly and keep copies in a safe place.
- Use a firewall.
- Don’t connect any unknown devices to your computer.
Denial of Service (DoS) attack
A DoS attack makes a website or other internet-based service unavailable. The attacker sends a huge number of requests to the site or service at once, causing it to crash. Attacks from more than one computer are 'distributed denial of service (DDoS)'.
Most victims of DoS attacks are high-profile organisations. This includes multinationals, government agencies, banks and other financial institutions.
DoS attacks in themselves do not cause damage. When the attack stops, things generally return to normal. Instead, they can cause loss of business or reputational damage.
Possible signs of a DoS attack
If you are running a website or internet service, typical signs of a DoS attack are:
- your website becomes very slow or unavailable
- you are receiving a dramatic increase in spam emails
What to do if you experience a DoS attack
If you believe an active attack is occurring on your system or service, you should:
- contact your internet service provider, as well as your web host, to make them aware
- report it to Action Fraud
Visit the National Cyber Security Centre for detailed guidance on DoS.
Report cyber crime
If you are currently being subjected to a live and ongoing cyber-attack then please contact us on 101.
If you suspect you’ve been scammed, defrauded or experienced cyber crime, the Action Fraud team can also provide the help, support and advice you need.
Call Action Fraud on 0300 123 2040 (textphone 0300 123 2050).