FAQs for Individuals - How to keep your personal information safe

What makes a strong password?

A strong password is long, unique and hard to guess. It should use a mix of words, numbers and symbols and never be reused across multiple accounts.

Is it safe to reuse the same password?

No. If one account is compromised, attackers can access all other accounts that use the same password.

Should I use a password manager?

Yes. Password managers securely store and generate strong passwords so you don’t have to remember them all.

What is two/multi-factor authentication?

Two/multi-factor authentication adds an extra security step when logging in, such as a code sent to your phone or an authentication app.

Is 2FA really necessary?

Yes. Even if your password is stolen, 2FA makes it much harder for someone else to access your account.

What is phishing?

Phishing is when scammers pretend to be a trusted organisation or person to trick you into sharing passwords, payment details or personal information.

How can I spot a phishing message?

Warning signs include urgent language, unexpected attachments, strange links, spelling mistakes or requests for sensitive information.

What should I do if I clicked a suspicious link?

Change your passwords immediately, run a security scan on your device and monitor your accounts for unusual activity.

Do I need antivirus software?

Yes. Antivirus and security software help detect and block malware, ransomware and other threats.

Is public Wi-Fi safe to use?

Public Wi-Fi can be risky. Avoid accessing sensitive accounts on public networks where you need to enter log in details.

Why are software updates important?

Updates often fix security weaknesses. Delaying updates leaves your device vulnerable to known attacks.

How often should I update my devices?

Enable automatic updates wherever possible so your devices stay protected.

How do I control what data apps collect about me?

Check privacy and permission settings on your phone, browser and apps. Only grant access that is necessary for the app to function.

Should I review privacy settings regularly?

Yes. Apps and platforms often change their settings, so it’s important to review them periodically.

What personal information should I avoid sharing online?

Avoid sharing details like your full date of birth, home address, ID documents, or financial information publicly. If a form calls for this information but it is not a mandatory field and does not impact the outcome I would suggest putting ‘undisclosed’ or if possible leaving the box blanks. An example of this could be that you are signing up to an online webinar. Your first name and email address are likely required for registration, however, if your home address is requested, I would put ‘undisclosed’ as your personal address has no impact on the internet hosted event.

Is sharing on social media risky?

Yes. Sharing can make it easier for scammers to impersonate you or guess security questions. Be especially mindful of posting updates about your holidays while you are away - this will alert people to the fact that your house may be unoccupied.

What is identity theft?

Identity theft occurs when someone uses your personal information to commit fraud, open accounts or impersonate you.

How can I tell if my identity has been stolen?

Unexpected bills, account activity you don’t recognise or alerts from financial institutions can be warning signs.

How do I know if my data has been exposed in a breach?

You may be notified by the organisation involved, or notice unusual activity on your accounts.

What should I do after a data breach?

Change affected passwords, enable 2FA, monitor accounts closely and follow guidance provided by the organisation.

How can I keep my children safe online?

Use parental controls, talk openly about online risks and teach children not to share personal information. I would suggest also regularly monitoring who your children are interacting with online; the internet is an easy place for someone to pretend to be someone else to form connections with vulnerable individuals.

Are parental control tools enough?

No, they help, but education, regular conversations, and oversight are definitely required.

Scams are getting more sophisticated, scammers are increasingly using AI to create realistic messages, fake voices and convincing images.

How can I protect myself from new threats?

Be cautious, verify information through trusted channels and don’t rush decisions online. If you ever receive an email that doesn’t look right, or one that asks you to click a link, I suggest opening the genuine website and accessing the details directly. For example, if you receive an email from your ‘bank’ asking you to click a link to view your latest statement, open a new browser window or tab and log in to your bank separately to view the statement - DO NOT click links - many scammers are very sophisticated and can make the emails appear legitimate even when they’re not.