Common Password Scams

Passwords are the new 5 lever door locks which keep us safe. Recent data from the Office of National Statistics showed that you are 3.5 times more likely to be a victim of fraud than have your house burgled. So, in the same way as you double lock your house at night you need to make double sure your passwords are strong.

Password Reset

Everyday millions of people are sent fake emails and texts asking them to click on a link to verify their details, check a transaction, win a prize etc. It is all the same, they want your personal details and the keys to your bank account /credit cards etc. This comes in lots of forms with fake emails from Apple, Microsoft, Amazon, TV Licensing and the HMRC being amongst the most common.

Extortion Emails

Criminals send you an email, claiming that they have a compromising video of you. They threaten that this video will be shared with all your email contacts, if you don’t make a payment (often Bitcoin) for their silence. The fraudster further corroborates this story by showing you that they have your email password. In fear, some people make payment.

How can you protect yourself from password scams?

To ensure your passwords are strong follow these rules:

1: Use a different password for every account, (use a password manager to help store them)

2: Use more than the minimum number of characters with mix of upper and lower cases, numbers and special symbols (!ӣ$%etc)

3: Do not use football teams, (Liverpool, Chelsea, ManUnited are among the most common passwords)

4: Do not keyboard walk, i.e. Qwerty or 1q2w3e4r, again these are among the most common and so easiest to guess

5: You may think using F*ckoff is funny as a password, but so do millions of others, and so avoid strong statements of love or hate.

6: Don’t use personal self-identifiers in passwords such as birthdays, anniversaries, actual names etc. Criminals can find this information easily.

Do not use the word password!


  • Don’t– disclose passwords to others, if someone knows it change it immediately.

  • Don’t – reply to any request to reset your password, i.e don’t click on a link, instead go to the site in question and go to your account settings, this way you know it is the genuine site

  • Never – use unsecured Wi-Fi (public Wi-fi)

  • Don’t – reply to anyone saying that they need money in exchange for their silence

  • Never –send passwords via email

  • Update – keep your anti-virus protection software updated on your computer

  • Read – the Reassura’s Two-factor Authentication password guide for more information about even greater protection

  • Still Unsure? – Call Reassura 0800 888 6450

What to do if you suspect that you have been the victim of a password scam?

  • Contact ActionFraud to report the crime and get a Crime Reference Number.

  • Contact your social media platform (Facebook, Twitter, WhatsApp etc.) to alert them.

  • If the fraudsters have your bank account or credit card information, contact your bank or credit card provider and speak to their fraud department.

  • If you are unfortunate enough to get a virus or malware on your computer, visit a trusted computer technician /PC repair shop to thoroughly check for and remove any viruses or malware on your device.