Protect your computer, smartphone and tablet

There are threats that can harm your devices even if you’re not aware that anything is wrong. But there are simple steps you can take to protect yourself.

Remember - always log out from your Internet Banking and lock your device with a PIN / password. Never leave it unlocked and unattended, and safeguard your device.

You can keep most viruses out if you:

  • Keep up to date. Always keep your operating system (like Windows or iOS), your internet browser (like Internet Explorer) and software up-to-date. See ‘Update regularly for more information.
  • Use anti-virus software. Install it on your computer, keep it up-to-date and make sure it scans at least once a week. Act when prompted. Don’t keep putting it off – it’s there to protect you.
  • Listen to your anti-virus software. It should tell you when a site is unsafe to visit or a file is unsafe to open.
  • Download carefully. Never download files and programs unless you are absolutely certain they are genuine and come from a source you trust. Always download mobile apps from an official store such as the App Store or Google Play.
  • Only sign in and pay on secure sites. The most secure sites have a green padlock in the address bar, and https:// at the beginning of the web address when they require personal or financial information.  These won’t necessarily appear on pages that don’t request for personal or financial information.

Keep operating systems, browser and software up-to-date

Most computers and routers have built-in firewalls, which protect your computer from some of the dangers on the Internet. But you also need to keep your operating system, browser and software up to date.

It is important that you:

  • Have an anti-virus program installed to scan for viruses.
  • Never switch off your firewall (unless you’re a computer expert and know what you’re doing).

For more information on updates, anti-virus software and firewalls visit

Only connect to secure Wi-Fi

Never use the password that came with your Wi-Fi router or hub.  Change it to a strong password; something that no one can guess  or use without your permission

If you use Wi-Fi on the go, make sure you’re using a genuine, secure connection. Fraudsters can set up hotspots in cafes and other public areas. If you want to use a company’s free Wi-Fi, ask a staff member to show you which Wi-Fi is their connection.

It’s good advice to never log into online accounts that store any payment or banking info (like Internet Banking, Paypal or online shopping sites). if you’re using public or free Wi-Fi.

Think you are a victim of online fraud?

Money has fraudulently left your Bank of Scotland account or someone knows your Internet Banking password For any other issues that you think may be related to fraud

Step 1:

Report it to us
0345 600 7727 (Lines are open 24 hours a day) +44 1132 888 408 from outside the UK

If you have a hearing or speech impairment, you can contact us 24/7 using the Next Generation Text (BGT) Service. If you’re Deaf and a BSL user, you can use the SignVideo service.

Step 2:

Report it to Action Fraud
0300 123 2040

Lines are open Monday to Friday 9am-6pm. Text phone users can ring 0300 123 2050.

Report it to Action Fraud

0300 123 2040

Lines are open Monday to Friday 9am-6pm. Text phone users can ring 0300 123 2050.

They’ll be able to log the incident and provide you with a Crime Reference number if needed. Action Fraud collect data from across the UK to help banks and other businesses combat fraud.

Received a suspicious  email or text message?

If you receive an email or text message that looks like it’s from Bank of Scotland but makes you suspicious, forward the email or send a screenshot of the text message to

Please note:

  • Do not use this mailbox for any other questions or messages: The mailbox can only deal with emails where the Bank of Scotland name is used without permission by fraudsters. Other types of emails or messages cannot be actioned.
  • It’s an automated mailbox so you won’t receive any personalised response: The only action we can take is to request the deletion of fraudsters’ email addresses and URLs. There may be delays as our partner’s process these requests.
  • Never email us any personal or account information (including card details and login information).