What happens to your data when it has been stolen

Why you should treat your personal data as a currency

Criminals don’t need your money to profit from a scam.When you fill in personal details for freebies or competitions, you are supplying them with information.They could use this to build up a bigger picture for identity fraud, targeted social engineering attacks (such as spear phishing), spoofing or to gain access to other accounts (by knowing answers to security questions). Or they could simply sell the information on for someone else to do this.Even the information you post on social media can be collected and used. Posts about someone’s birthday, your pet, your family or your holidays could all give away the information a criminal needs to access your accounts.Criminals could take out loans or credit agreements in your name, run up big bills on your phone, transfer and take over control of your accounts, make bogus payments or big purchases, or launder money through your accounts.

What should I do if I think I've fallen for a scam?

If financial information is involved, contact your bank straight away.Change your passwords – make them strong and unique to every account. Consider a password manager to help you keep track of them.Contact Action Fraud if you became a victim. You can report it as a crime through them, and update the record later if needed.

• https://www.actionfraud.police.uk
• Call 0300 123 2040 (Monday to Friday 8am - 8pm)
• Textphone 0300 123 2050
• International +44 300 123 2040

If the scam claimed to be from a company, contact the genuine company and let them know. Many organisations have dedicated scam, phishing and fraud teams to help prevent and deal with attacks in their name.You can report unsuccessful phishing attempts to Action Fraud too – this helps identify trends and patterns, may help in other cases and could prevent future attempts.

Golden rules to avoid cyber scams

Too good to be true? Ignore it.Don’t open unexpected emails or any links/attachments in them.Don’t respond to phishing attempts or click ‘unsubscribe’ – tells criminal the account is active.Use different passwords for each account. If you reuse a password, criminals can access any account that shares it.Install anti-virus software on all devices – run checks regularly.Keep devices, apps and software up to date – check for new versions and patches.Don’t shop over public WiFi – they’re unsecured and could be a honeypot, tempting you to enter details which the criminal captures. They can then monitor everything you do online.Do your research:

• Even if you stick to familiar websites, make sure you are on the genuine company’s site by checking the URL, layout and contact details
• If you try somewhere different, make sure they are registered with Companies House, that you can contact them, and they have a physical address.
• Shop around and look for well-known alternatives to make sure you’re getting a genuine deal from a legitimate company.
• Check reviews of the site by searching online to see if anyone has reported it as a scam or had bad experiences.