Staying safe online has become a modern-day priority, as scammers, hackers, and cyberattackers become increasingly prevalent.
Over the past few months, there have been several incidents of high-profile retailers being hit by cyberattacks, in some cases leading to massive shutdowns, loss of service, and compromised customer data.
Short of avoiding every kind of digital transaction, there’s a good chance you’ll need to input some personal details online from time to time.
This can make you feel vulnerable, especially if the company in question has fallen foul of a cyberattack. Read on to discover six ways to protect your data and the red flags to look out for.
An increase in high-profile cyberattacks has led to widespread personal data breaches
The first half of 2025 saw a spate of cyberattacks in the retail sector, with a multitude of big names compromised in some way.
Those affected included Co-op, Harrods, Adidas, The North Face, and Cartier. Arguably, the worst hit was Marks and Spencer, which, according to the BBC, was only able to resume offering its click-and-collect service 15 weeks after the attack.
The retailer had to pause online ordering completely for several weeks, and its in-store operations were also affected, in what has now been revealed as a ransomware attack.
Customer data was also compromised in many of the cyberattacks, raising understandable concerns about the security of online transactions.
6 ways to protect your data in the wake of a cyberattack
1. Establish if you’ve been affected
A cyberattack is unlikely to affect every consumer of a given company. For example, with Adidas, stolen data mainly affected those who had contacted its helpdesk.
You’ll usually get an email from an affected organisation with more information about what you can do and, in some cases, access to free support.
Be wary, however, as some scammers will piggyback on the original cyberattack and pretend to be contacting you about the incident. Don’t click on any links or attachments unless you’re positive they’re safe and never respond to requests for personal information. If you’re unsure whether the email is legitimate, ignore it and contact the company directly using a number you’ve found yourself.
2. Change your password
As soon as you know that a company you’ve dealt with has been hacked, change your password. Avoid using an identical (or even similar) password to one you use elsewhere, and don’t opt for anything obvious like your middle name.
Try combining a few random words with a mixture of uppercase and lowercase letters, numbers, and symbols. It can be difficult to remember lots of passwords, which is why it’s tempting to use the same one, but a secure password manager can safely store them for you.
3. Always opt for two-factor authentication
Two-factor authentication is when you’re sent an extra code via text or email or have to answer further security questions to confirm your identity. It’s a good extra layer of security, so turn it on whenever it’s available.
Two-factor authentication is something you can set up for your email and other important online accounts, too.
4. Be wary on social media
Social media is a breeding ground for scams, and it can be easy to think you’re talking to a friend or family member when it’s actually a fraudster. Never send money before checking that it’s a genuine request by contacting the person in another way.
5. Don’t store your payment details
It can be tempting to save card details online to make future transactions faster, but this often means your details will be stored by a third party. Entering your details each time doesn’t take long and could keep them safer.
6. Check your credit score
If your information has been leaked, hackers could use it to commit identity fraud. If you’re turned down for a financial product unexpectedly, it could be a sign someone is impersonating you.
It’s also a good idea to keep a close eye on your bank statements to check for any suspicious purchases.
Staying vigilant at all times is key, not just in the aftermath of a cyberattack
Here are three red flags to help you spot and avoid fraudulent sites.
1. Low prices that seem too good to be true
If you’re on a budget and looking for a bargain, try not to fall into the trap of extreme discounts, especially on popular or high-end items. This could be a sign of a fake online store, where you’ll either buy a counterfeit product or simply receive nothing for your money.
2. Unusual payment types
Most legitimate retailers will accept debit or credit cards, so shy away from any that request payment by bank transfer, money order, or cryptocurrency. It’s incredibly difficult to get a refund on this type of payment.
3. Mistakes on the website and URL
Scammers will often copy a real logo and product images, but small spelling errors in the URL can give them away. Look out for an extra or missing letter, and make sure the URL begins with https, rather than just http, as this indicates the site is secure.
Similarly, make sure the website features all the expected pages, including delivery and return information and contact details.
Get in touch
If you would like to discuss ways to keep your personal wealth in safe hands, please email enquiries@futureplanningwm.co.uk or call 01793 575553.
Please note
This article is for general information only and does not constitute advice. The information is aimed at retail clients only.
All information is correct at the time of writing and is subject to change in the future.
Please do not act based on anything you might read in this article. All contents are based on our understanding of HMRC legislation, which is subject to change.
