6 ways to protect yourself from scams in 2024

With fraud losses in 2023 expected to exceed £1bn, we share our tips on ways to protect yourself from scams
Faye LipsonSenior researcher & writer

Fraud is booming in the UK, with victims losing £580m in just the first half of 2023 – and losses for the whole year expected to exceed £1bn.

Behind every sum stolen is human story of stress, panic and shaken trust. That's why it's so important to arm yourself with the knowledge to beat scammers when they come calling. 

Follow our six top tips to keep your money and personal data safe, and avoid becoming a devastating fraud statistic in 2024.

1. Which? scam alerts 

Which? helps you to stay one step ahead of the scammers. Visit our scams tracker to read about the latest ones we've seen and sign up for our free weekly Scam Alert emails. Which? also offers the scam alert service on WhatsApp.

Our scam alerts service shares warnings of the biggest scams in circulation, it also provides details on how scams work and ways you can spot them and protect yourself.

Which? also has a growing Facebook Scam Acton and Alerts group – join our growing community of more than 25,000 members all working together to help raise awareness about the latest scams. 

Sign up for scam alerts

Our emails will alert you to scams doing the rounds, and provide practical advice to keep you one step ahead of fraudsters.

Sign up for scam alerts
Sign up

2. Cifas Protective Registration

This scheme could provide useful protection if you've been the victim of a data breach, as it helps prevent identity thieves obtaining bank accounts, credit cards and other financial products in your name.

When you request Protective Registration, Cifas places a warning marker against your name and other personal details in the National Fraud Database.

This tells any organisation that uses Cifas data (there are more than 600 of these including banks) to carry out extra checks when your details are used to apply for its products or services to make sure it’s really you applying.

It's not a free service, but is relatively wallet-friendly at £25 for two years' protection. 

In some cases, companies and organisations will try to make amends after a data breach by paying for affected customers' Cifas Protective Registration. So if you've been notified of a breach of your data, it's worth asking the organisation if it will pay for this service.

One small downside of enrolling in Protective Registration is that genuine applications made by you will likely attract extra checks as well, slowing them down. 

3. Check your credit report

When it comes to fighting fraud, it's not your credit score that matters, but the details on the report itself.

Regularly scour your credit report for any unfamiliar accounts or searches – and if you find any, query them immediately, as they could reveal a fraudster using your identity.

You can do this for free via Clearscore (Equifax), Credit Karma (TransUnion) and MSE Credit Club (Experian).

4. Two-factor authentication

Using two-factor authentication (2FA) adds an additional layer of security when signing in to websites and services.

It involves sharing something only you would have – such as a code sent to your phone via text or authenticator app – before you're allowed to sign in. You can also sometimes use biometric data such as your fingerprint to complete 2FA. 

It's an effective way to protect your online data and you should consider enabling it for any website you interact with which offers it as an option, if it's not already enforced.

You'll usually be asked to complete 2FA when you log in from a new phone, tablet or computer, or from a new location the website doesn’t recognise. Some websites also require 2FA every time you log in or when you make a transaction.

5. Password managers

We all know it's almost impossible to remember the dozens of passwords we use across different sites. The answer is to use a password manager. 

Password managers are programs that look after your passwords for you. In most cases they will also generate strong, unguessable passwords and then make sure they’re associated with the right websites. 

There are several to choose from, but they all do more or less the same thing – create an encrypted vault that stores all your passwords, generates passwords and in most cases will fill in passwords on websites for you. 

Password managers have received a bad rap due to high-profile data breaches at LastPass in 2022 and 2023. Yet using one is still safer than not using one. Many of us have lots of online accounts and juggling various different passwords is hard. Password managers are a convenient and secure way to do that. 

6. Investigate websites

Dodgy, often copycat, websites remain a fruitful tool for scammers.

You may think you're browsing the website of a major bank or well-known retailer, but scam and copycat sites are unfortunately rife. 

One telltale sign of a bogus site is that it's only been registered in the last few days or weeks, despite claiming to represent a well-established brand.

Before buying something or entering your details, plug the website address into domain checker lookup.icann.org or who.is. This will show you when the website was registered and can expose any impostors. 

We advise going direct to websites listed on bank cards, bills or trusted paperwork, wherever possible. If this isn't, and you need to use a search engine, as organic search results are generally more reliable than sponsored search ads.

Organic links can still be scams, which is why it's so important to research a website before giving it your data. 

More on this

Related articles