Our tips for protecting yourself from fraud and scams

With fraud costing people in the UK around £10.9 billion every year, here are our top 5 tips to spotting scams and staying safe. 

  1. Never share a Santander One Time Passcode (OTP) with another person, not even a Santander employee. 
  2. Never download software or let anyone remotely log on to your computer or devices, either during or after a cold call. 
  3. Never enter your Online Banking details after clicking a link in an email or text message. 
  4. Never transfer or withdraw money out of your account if you’re instructed to do so for security reasons. 
  5. Never set up new or change existing payment details without first verifying the request directly with the person or company you’re paying, preferably using existing contact details. 

These are just a few of our recommended tips. If you’d like to learn more about keeping yourself secure from fraud and scams or finding out ways to protect yourself online, please read our other articles below.

Learn how to spot the latest scams 

Learn more about using a One Time Passcode (OTP) 

What to do if you've had a suspicious call or message 

Find out about the Take 5 fraud initiative 

Learn more about cryptocurrency fraud

Our tips for protecting yourself online

Cybercrime now costs $10.5 trillion globally, here are our top 5 tips to protect yourself online.

The amount of information we save on our electronic devices is always growing. Follow our simple tips to help keep your device safe.

Choose automatic updates

Updates on your phone, computer and apps usually include security improvements. Your information and devices will be better protected by enabling automatic updates (where possible).

Choose when to connect

Turn off the option to automatically connect to Wi-Fi, especially public networks. That way, you’ll be in control of when and where you connect. When connected to a public network, avoid making bank transactions and online shopping.

Browse securely

Websites starting with HTTPS (instead of HTTP) are more secure. When browsing a HTTPS page, the padlock symbol appears on the left-hand side of your browser.

Keep control of your devices

To avoid anyone accessing the information on your devices, turn on the ‘auto-lock’ and ‘Find My Phone’ features where possible. These will allow you to lock a device and even wipe its contents remotely if it’s ever lost or stolen. 

We’re told not to talk to strangers from a young age, and this should be applied to strangers today. From social media, cold calls and even doorstop sales, anyone could be watching or listening to the information you share, so it’s important to be discreet. 


Sharing information on social media and other platforms is now part of our daily lives. However, you should always pay attention to what you publish, especially if it includes financial details. You should also configure your security settings to block access to your social accounts for anyone you don’t know. That way, strangers won’t be able to use your information for other purposes, such as answering verification questions or creating more believable phishing emails. 

In person or by phone

Don’t share information with people you don’t know or can’t identify. Ask for more details to make sure people are who they say they are. When in doubt, don’t give any details. Instead contact the company in question directly through their official channels.  

Phishing is where cyber criminals send you emails in an attempt to steal your information. They usually pretend to be a reputable company, and it’s one of the biggest causes of fraud today. Emergency situations and hard-to-refuse offers are just some of the methods used to try and get your information. Read our top tips below for how to spot a fraudulent email. 

Genuine sender 

Do you know the sender and does the email address match one you already know? Most malicious emails will also address you generically, rather than by your name. 

Suspicious links 

An email may contain links, which take you to a different website than it suggests. If you hover your mouse over the link (without clicking), you can see a review of the actual link that you will be taken to. ​


Most malicious emails play to emotion or the urgency of a situation and many urge you for quick payment or personal information. Always confirm that this type of request is legitimate and never share sensitive information unencrypted.

Spelling and grammar 

Many phishing emails contain poor spelling and grammar. If you don’t recognise the sender, were not expecting the email, and it’s full of errors, it could be a phishing email or spam.

Having the same or similar passwords for all your accounts is a very common, but it’s not secure. You can improve the way you manage your passwords, and the security of your devices and accounts following these simple steps. 

Use passphrases

Passphrases are passwords that contain 3 or more random words. For example, it will take much longer to crack “ChickenDogRabbit” than “#sK8/aD”, and it’s much easier to memorise. Remember, it is a password’s length that makes it strong, not always its complexity.

Use multi-factor authentication (MFA)

In addition to having a strong password, using MFA where possible increases security. This method, which is now common practice for accounts such as email log-ins, requires additional forms of identification that only you would have, such as a code sent to your mobile or your fingerprint. 

Use a password manager

Never write down your passwords on sticky-notes or on devices. If you need to keep track of passwords, instead use a password manager. These applications allow you to save all your passwords in one place and it’s kept secure with a master code.

Don’t repeat passwords and avoid default ones

Never use the same password more than once. If you do, if one of your accounts are hacked it could mean all of them have been. You should change your passwords regularly and don’t use pre-defined one, such as Wi-Fi router default passwords.

If you’re ever unsure of an email, call or text, whether that’s because you don’t know the sender or the contents, you should always report it. You’ll know that an email is genuinely from us because we will always:

  • address it to you personally
  • include the last 4 digits of your account or card number
  • only include links that take you to Santander.co.uk information pages
  • never ask you for personal information such as passwords.

If you get an email that says it’s from us but you suspect it’s not, please forward it to phishing@santander.co.uk 

For suspicious text messages, known as smishing, please forward them to smishing@santander.co.uk 

To report a fraud or scam, please visit our How to report fraud page.

These websites explain even more about online security and how to protect yourself from fraud and scams as well as giving general advice.

It’s important to remember that these are external sites. Santander have no control over their content and clicking on these links means you’ll be leaving the Santander website.

Action Fraud – information about fraud and financially motivated internet crime. This site also contains information on the different types of fraud and how you can avoid becoming a victim.

Age UK – providing a free national advice line and local advice.

CIFAS –a UK fraud prevention service offering ‘Protective Registration’ to individuals who have fallen victim to, or are at risk of, identity theft.

Citizens Advice – provides free, independent and confidential advice on rights and responsibilities.

Experian – access your credit report and score, and get online identity protection and alerts.

Financial Ombudsmen Service – supports customers with most financial services 

Payment Systems Regulator (PSR) – ensures that payment systems are operated and developed in a way that considers and promotes the interests of all the businesses and consumers that use them.

Trading Standards –provides leadership, influence, support and resources to help combat consumer and business detriment nationally, regionally and locally.

Trusteer Rapport – provides free security software to help protect you against Online Banking identify theft and fraud.

Take a look at further information on how we can support your needs

Was this helpful?

Ask us a question

We'll help you get the

 answers you need

Do your banking online

Ways for you to manage your

 money without leaving home