Last week, telecoms firm TalkTalk was hit by a cyber-attack on their website. Up to four million current and former customers’ details are thought to be at risk, with personal and banking details believed to have been accessed. The information thought to have been accessed includes: credit card, bank accounts details, as well as names, addresses, dates of birth, email addresses and telephone numbers. The Metropolitan Police are currently investigating.
If you’re a TalkTalk customer, we know you must be worried about how your information is being used – that’s why we’ve put together this guide to walk you through how to protect yourself in the aftermath of this attack.
Check your bank account and credit report
Although TalkTalk insist that the information stolen would be insufficient to make financial transactions – as the credit or debit card details accessed contained a series of hidden numbers – it would still be wise to monitor your bank accounts for any signs of fraudulent activity over the next few months. Tell your bank or credit card provider, so that they can help you monitor this too.
Check your credit report for signs of identity crime, you can do this through Noddle who have partnered up with TalkTalk customers to provide 12 months credit monitoring alerts. To find out more about this, click here.
If you used the same password for your TalkTalk account as you did for others, then it would be wise to change these immediately. When it comes to choosing a password, follow these simple tips:
• The more complex the password, the better it is so make sure that you use a combination of letters, numbers and symbols to make it as hard to guess as possible.
• If you find it hard to remember strong passwords, come up with an acronym of a phrase or line that you can easily remember. For example, Girls Just Want To Have Fun becomes GJWTHF. Add a significant number or symbol and you’ll have a strong password like this: GJWTHF!45
• Never share your passwords with anyone, and if you have done this in the past, change them.
• Try not to write your passwords down. If you can’t help this, use a cryptic code only you can understand or store your passwords in a computer file and protect this with a strong password.
Be aware of phishing scams
Numerous customers have been targeted with scams after this cyber-attack, make sure you’re not the next victim by remembering the following:
• TalkTalk will never ask you to provide your full password in an email (they’ll only ever ask you for two digits) so be wary of a request like this.
• Be suspicious of any unsolicited emails that you receive – never reply with your full password, login details or account details. Avoid clicking on any links or attachments as you could download a virus. If you think you’ve received a scam email claiming to be from thinkmoney, forward it to: email@example.com.
• Some TalkTalk customers have received calls from fraudsters claiming to be from TalkTalk, falsely warning them of a malware infection on their computer. Be wary of anyone asking for personal information such as bank details or passwords over the phone. Legitimate businesses (including thinkmoney) will never ask you for your PIN or passwords in this way.
• TalkTalk will never ask you to download software onto your computer over the phone (unless you’ve previously contacted them about this) or ask you for your bank details to process a refund.
• Overall, remember to always be sceptical when being asked to provide information over the phone. Question what it’s going to be used for and if it doesn’t sound right to you, it probably isn’t. If the person on the other end of the line becomes aggressive, take this as a warning sign! You can get more information about vishing and how to avoid it, here.
For updates on the cyber-attack, make sure to visit the TalkTalk website. If you’ve fallen victim to fraud because of this hacking event, report it to Action Fraud and get in touch with your bank or credit card provider.
If you’d like more information on how to stay safe in relation to your thinkmoney Personal Account, click here.