Safer Internet Day 2025: Keeping Safe from Scams

The 11^th of February 2025 is Safer Internet Day, the biggest celebration of online safety in the UK.

Safer Internet Day is created and spearheaded by the UK Safer Internet Centre, you can learn more about them here. 

The theme for Safer Internet Day this year is...

‘Too good to be true? Protecting yourself and others from scams online’.
AKA scams.

We have all heard of scams and know that they can target everyone at any time. But just what can you do as business to help protect your business and your customers from online scams?

Check out our guide below.

How to Protect your Customers and your Business from Scams

There are several steps that you can take to help keep your customers and your business safe from scams and scammers.

They include…

Check Your Logins

All passwords used for any devices or accounts should be strong and/or use multi factor authentication.

Any passwords used must be difficult to guess, the National Cyber Security Centre recommends using three random words as a password.

You can learn more about multi factor authentications in our Digital Bytes here.

We also recommend that your company policy is to change these passwords upon any staff exits, any security events (such as a break in), and at a regular intervals such as every six months.

And don’t forget about email addresses used for logins!

Please, please, please, ensure that these email addresses are a company email address, not personal email addresses. This will ensure that you are able to gain access regardless of any staff changes should you need to follow any processes for regaining access to your accounts.

It is also good practice to have a public facing email address such as hello@yourbusinessdomain.co.uk and a separate email address that is used for company login details such as workforce13@yourbusinessdomain.co.uk.  

Scammers are smart and they know that most businesses have generic email addresses such as hello@, inbox@, sales@, admin@. Whilst a secure password should be enough to stop access to your business accounts, every little helps.

Consider how your Data is used

All businesses use their data on a daily basis, it is ultimately how any business can function and deliver whatever product/service offered. However, it is important to consider how that data is used and accessed.

If you have an open plan office, consider how your screens are positioned and how any data is kept

• Are the screens facing a public walkway or a waiting area?
• Are any hard drives in the open at all times, with no consideration of their whereabouts?

Your company may want to consider privacy screens, rearranging the desk space to ensure that screens are not facing public areas, and perhaps having hard drives secured to desks or locked away when not in active use.

If your staff access company data from remote devices on the move or at their homes?

• Do you have a way of remotely accessing devices to back up data and wipe the device should they be stolen?
• Do your staff know that they need to password lock their devices when they are away from their device, even if only for a few minutes

Your company may want to consider improving its security access to work devices, enforcing secure passwords for devices, and having company policy in place to ensure that staff members know the importance of securing their devices.

We all want our employees to get on with their role with the utmost respect and trust, however, you also need to ensure that your company’s handing of data is spot on.

It’s your reputation after all.

Back up your Data

All of your data should be backed up regularly.

Any website/CRM data should be frequently backed up by your hosting provider.

Any data that is kept on computers/laptops/mobiles should also be backed up often to the relevant cloud server and/or an external storage device. Any external storage devices should be encrypted and stored somewhere safe and secure, ideally away from the main workplace in case of fire and flood.

Backups that are stored away from the main workplace disconnected from any online systems are the best, that way they cannot be hacked by any external being and they cannot be mistakenly deleted or damaged by customers or staff.

Keep your Anti-Virus and Anti-Malware software up to date

Keep a tally of all work devices and ensure that they all have anti-virus and malware software installed and that these tools are up to date.

If you aren’t comfortable with this kind of software management then let us know, we can recommend an IT company that will hold your hand or manage this for you entirely.

Make your Employees Aware of the Dangers

The best thing you can do to protect data handled by your company whilst they are on your website and interacting with your business is to make your employees aware of the dangers.

They are your eyes and ears after all.

Ensure that your staff know about how to spot a suspicious email – signs include…

• Bad grammar
• Demands for fast/urgent action
• Requests for payment
• Strange ‘sent from’ email addresses – could be as simple as a misspelling

The National Cyber Security Centre has lots of information and training material that you can make the most of.

Don’t assume that your employees are aware of the dangers, we can all be duped by scammers, we are only human after all.

Handle Data with care

The best way of keeping your customer’s data safe, and therefore less likely to end up in the hands of scammers targeting you as a business, is to handle the data with care.

This means…

Limiting who has access to the data in the first place

Naturally you need to give your employees access to what they need to do their job but restrict anything they don’t need.

Does your sales team need access to payroll? No.

If someone is absent for a long period, or leaves your company, ensure that their access is suspended/cancelled.

Checking your wi-fi connection

Unsecure wi-fi is unfortunately a common way of scammers entering company systems that use that wi-fi. Take steps to ensure that your company wi-fi is password protected.

If you provide wi-fi for those in your waiting room etc then talk to your provider to ensure that work computers use a separate wi-fi connection.

Not keeping data for longer than you need it

If you don’t have the data then a scammer cannot gain access to it. Simple.

Take a look at the data that your company handles and be realistic about what data is needed.

Perhaps there are lists of email addresses that have not been used in a while that can be deleted, or even downloaded to an encrypted excel spreadsheet that is stored in a safe and secure hard drive that is not connected to the internet in anyway. So if you suddenly need it in a year you have it, without needing it to be accessible.

And lastly, Dispose of Old equipment safely

When you dispose of old computers, tablets, mobiles, and hard drives, it is best to dispose of them safely and securely.

Naturally, ensure that any data on them is transferred to where it needs to be stored now, then consider returning the device back to its factory settings before sending them to the various recycling schemes in existence.

Don’t just throw a device in the bin – consider your data security but also the environment.

How to go Forward

If the above information is news to you, make sure you take action to look at the steps mentioned above and implement as needed.

• Check your logins
• Consider how your data is used
• Back up your data
• Keep your AntiVirus and Malware software up to date
• Make your employees aware of the danger
• Handle your data with care
  - limit who has access to data
  - check your wi-fi connection/s
  - don't keep data longer than you need it
  - dispose of old equipment safely

It is a good idea to create a company policy regarding company security, this will allow you to take a serious look at how your business uses its online devices and to ensure that it has procedures in place to ensure that your customer and employee’s data is kept secure and away from scammers.

Once the policy has been decided upon it should be easier for your employees to follow and offers reassurance to your customers (should it be needed) that you do handle their data in a safe and secure way. Doing everything you can do to keep them safe from scammers targeting your company.

If you don’t already have cyber security insurance then speak to your insurance provider and consider adding this to your policy. If you would like a recommendation for insurance providers then simply get in touch with Nachos.

Published: 10th Feb 2025

« Back