Create a password that's memorable to you, but hard to crack.
- Your password must be at least eight characters long.
- It should contain numbers
- Don’t use a password that can be easily guessed, like 'Savings1'.
- Never write down or share your password with anybody else.
- If you think someone knows your password, change it immediately.
- Use a different password for each different site you use. If you're worried about forgetting your passwords, try a reputable password manager application.
Make your password strong
If fraudsters can find out enough information about you, they can impersonate you and open new accounts, credit cards or loans in your name. Or they might take control of your existing accounts by impersonating you and changing the address of your account.
- Always dispose of unwanted documents securely, for instance by shredding. Fraudsters use paper documents like bank statements and mobile phone bills, and they might even go through your bins.
Information you post online can leave you vulnerable, even on social media – addresses, children's names, pets' names and check-in locations.
- Review your social media privacy settings regularly, including updating passwords on phones and personal computers.
- Don't share too much personal information on a public setting and don't accept 'friend requests' on social media from anyone you don't know.
Protect yourself from identity theft
Frauds and scams can look and sound very professional, as if they're from a person or organisation you trust, like a bank, credit card company or shopping website. You might be contacted by email (known as phishing), phone call (vishing) or SMS text messaging (smishing).
- Phishing emails will try and trick you to visit a fake website so they can steal your login or other personal details.
- Vishing means 'voice phishing'. Fraudsters will try and trick you into giving them personal information over the phone – they might have carried out research on you to make them sound more convincing.
- Smishing means 'SMS phishing'. Text messages may say there’s been fraudulent activity on your account and ask you to call a number or visit a fake website.
We've included more details on phishing, vishing and smishing on our Be fraud aware page so you can learn more about recognising a possible fraudulent communication.
If you’re unsure about any email, text message or phone call that appears to be from Skipton Building Society, call us on 0345 850 1722.
Be vigilant with emails, calls and texts
Transport Layer Security (TLS) is technology that encrypts links between connections – like the connection created when you log in to our online savings accounts. TLS is being used on a website if a small padlock icon appears on your browser status bar.
The padlock tells you that the connection to the website's server is secure. However, it doesn't guarantee that the website itself is authentic. Keep in mind our fraud awareness advice if you're unsure about a website.
Malware, like viruses, Trojans, adware or spyware among others, infects your computer with malicious software that could steal your personal information, spy on you through your webcam, or eavesdrop using the microphone on your computer.
It might hold your computer and data hostage (ransomware) and demand money to release it. It can enable unwanted pop-up adverts and can even use your computer to attack other computers connected to the internet.
- Install anti-malware software to protect all your devices and keep it fully updated.
- Update your web browser with the latest security updates so it can prevent pop-ups, warn you about the latest fake and infected websites, and make it harder to infect your computer.
- Update other software when prompted. Microsoft, Apple and Android regularly issue updated security patches for their applications.
- Mobile phones are a gateway to our online accounts. Some apps don’t ask you to log in each time you use them. Set up a PIN, pattern or fingerprint recognition to gain access to your phone, and adjust the settings so your phone automatically locks after a short time.
- Be mindful of software you download and links you click.
- Always check the sender is genuine before opening any attachments – malware can easily be made to look like legitimate programmes.
- Visit Get Safe Online and Take Five for more advice.
By email – Skipton Building Society won't ever ask for or send personal account information by email. However, we will send you a notification email if we've left a secure message on your online account with us. You can view the secure message once you've logged into Skipton Online.
On the phone – if you've agreed to be contacted by phone, we might call you to let you know about our services or upcoming changes to your accounts. If you've registered for telephone account access, we'll ask you to provide details to verify your identity. If you want to carry out a transaction, we'll also ask for letters from your telephone password (but we won't ask you for the full password).
If you're concerned about a call from someone claiming to be from Skipton Building Society, please end the call and ring us on 0345 702 5026. We'll be able to tell you if the caller was genuine.