Top tips for staying safe and secure online

The increase in online shopping and remote working has also seen a rise in hacking attempts by cyber criminals.  With more places storing your personal details, how can you protect your digital accounts and stay safe online? This article outlines some simple ways to protect your online accounts against scammers and helps you to avoid identity theft. 


COVID Internet shopping boom 

Forced lockdowns and remote working from home has brought about a notable change in our shopping habits. With more of us unable or unwilling to shop in store, the shift to buying online has increased at a staggering pace.  

In the nine months from the end of February to the end of November 2020, internet sales as a percentage of all retail sales rose from 19.1 to 36% - their highest level to date (1).  

And unless you live with your extended family and colleagues, you will no doubt be more of an expert these days with video conferencing platforms such as Zoom and Teams.  

But as more people conduct their lives online, there are a growing number of places keeping a record of your personal details. According to some studies, the average person in the UK has 118 online accounts (2). From email accounts and personal banking, to social media accounts, insurance policies and payment services like Paypal or Apple pay. There are also a huge array of other online apps and cloud services using these details to store your online photos, videos, blog posts, family trees, frequent flier miles, credit card points and more. 

And with it comes the potential for cyber security breaches and hacking attempts, as that’s 118 places where your personal information is stored and 118 places where a password has potentially been reused. The National Cyber Security Centre (NCSC) reported hackers are already trying to take advantage of this, with the number of reported incidents increasing by a fifth this year (3), a quarter of which were related to coronavirus (4).  

Managing all of these accounts can be a complicated business, but there are also practical considerations to be made to ensure these are included in your estate planning. There have been horror stories reported about millions worth of crypto-currency lost through misplaced login details (5), loved ones facing unwanted tax bills, or legal cases involving electronics giant Apple to retrieve family photos stored in the cloud (6). The Digital Legacy Association offers guidance around managing digital assets and has a free online will template to help you with this.  


Stay secure: Cyber security tips to keep your digital accounts safe  

So how do you protect your online accounts against scammers and identity theft? Below are a few practical ways to stay secure online: 

  • Keep updated – make sure you keep any apps and software you use up to date with the latest releases. And remember to delete those accounts you no longer need or use. For every account that is forgotten about, a door is left open for hackers to grab your private data and wreak havoc. You probably wouldn’t leave your bank card or ID in full view before going away on holiday, yet many people leave personal details unprotected in the digital world. 
  • Use strong passwords – this sounds obvious, but a strong password will help protect your accounts. Weak passwords are often the vulnerability that is being exploited by the opportunist hacker. Use longer and stronger passwords, with letters, numbers and symbols. One suggestion is to use a phrase with three random words rather than a word i.e. 5fivebluedonkeys44£. Be sure to change passwords regularly too. The use of a password manager can help (for example 1password,Dashlane or Nordpass), as these store all passwords for your accounts, can provide and manage secure passwords and can also let you know if your details have been breached. 
  • Use two-factor authentication – this uses an additional layer of identification to double check that it is you who is trying to use the service. So if someone only has your password they will be unable to access your account. Usually it involves a text message or code that is sent to another device or account, and is available on most banking, email and social media accounts. And always make sure that any mobile or tablet devices have a passcode enabled, so there’s an extra layer of security. 
  • Attention to detail - Check web addresses carefully for spelling mistakes or slight changes (e.g., and also that they are for trusted secure sites. These will display httpat the start of the URL, indicating the site has a safety certificate and the site owner’s identity has been verified. There will usually also be a padlock displayed in the address bar, to indicate the site is secure. 
  • Act with caution – This covers a few different points, but reminds us to be careful and suspicious when acting online. Be cautious clicking any links you see on social media or where they request you provide financial details. Be wary of emails with a sense of urgency, poor spelling and grammar or from unknown senders. And if it sounds too good to be true, it probably is. 
  • Reduce email - Avoid sending personal and financial details or attachments over email. Clients using our financial advice service can share private information securely with their adviser via our online portal (please speak to your usual Castlefield contact for more details on how to get set up if you do not use this already).  

 Written by Nathan Cameron


NB: This article was first published on in March 2021

Useful resources 

Get Safe Online – 

Digital Legacy Association -  

You can also report any cyber crime to -  



  1. Office for National Statistics, 2020 –  
  2. Dashlane, 2020 -  
  3. National Cyber Security Centre, 2020 -  
  4. Financial Times, 2020 -  
  5. Independent, 2019 -  
  6. Mitchells Robertson, 2019 -