You know that moment when you get a text message claiming your bank account’s been frozen or an email lands with an urgent tax refund that needs “immediate’’ verification? Your stomach drops for a second before you think, hang on, that doesn’t look right.
But here’s the thing: not everyone catches it in time. And the scale of the problem is bigger than most people realise.
According to Home Office research, 50% of British adults are at risk of malware infecting their personal devices, and 48% worry about someone breaking into their online accounts. These aren’t abstract fears either. 42% of UK adults have actually experienced a device infection. Meanwhile, 32% of UK businesses of UK businesses reported a cyber security breach in the past year, which means if you’re working from home, your personal network is part of that risk picture too.
The “it won’t happen to me” mindset? It doesn’t hold up. Cybercriminals cast wide nets. They’re not picking targets carefully. They’re sending millions of phishing emails and hoping a small percentage click.
“At Switchity, we help thousands of UK households find the right broadband deal, but a fast connection is only part of the picture. Your home network is the gateway to everything you do online: your banking, your emails, your family’s devices. That’s why we believe understanding how to stay safe online is just as important as getting a great deal on your broadband. The good news is that most of the steps that make a real difference are completely free and take just a few minutes to set up.”
Claudia Constantin, Founder – The Switchity Team
This guide walks you through the practical steps to protect yourself, your family, and your home network. No jargon, no scare tactics. Just clear, actionable advice grounded in UK-specific resources and data.
Use Strong, Unique Passwords, and a Password Manager
Let’s start with the one thing that protects almost every online account you own: your password. And yet, it’s where most people are weakest.
A weak password is short, predictable, or reused across multiple accounts. Think “password123” or your pet’s name followed by your birth year. A strong password is 12+ characters, mixes letters, numbers, and symbols, and is unique to each account. The National Cyber Security Centre (NCSC) recommends a simple approach: combine three random words into a passphrase. Something like “PurpleBridgeTractor” is far harder to crack than a short string of mixed characters, and much easier to remember.
The biggest mistake? Using the same password everywhere. One data breach at a minor website exposes every account that shares that password. Password managers like Bitwarden or 1Password solve this by generating and storing unique passwords for every account. Free options exist, so cost isn’t a barrier.
Enable Two-Factor Authentication (2FA)
Two-factor authentication adds a second verification step after your password, typically a one-time code via text or an authenticator app. Even if someone steals your password, they can’t get in without that second factor.
Most UK banks, email providers, and social media platforms offer 2FA for free. It takes minutes to set up. Prioritise your email account first (it’s the master key to resetting everything else), then banking, then social media. Where you have the choice, use an authenticator app like Google Authenticator or Microsoft Authenticator rather than SMS codes. They’re more secure.
Keep Your Devices and Software Updated
Software vulnerabilities are one of the most common ways malware gets onto your devices. When a company discovers a security flaw, they release an update to patch it. If you don’t install that update, you’re leaving the door open.
This applies to everything: Windows PCs, Macs, iPhones, Android phones, tablets, and smart home devices. And yes, Macs and iPhones can get viruses. They’re targeted less often than Windows, but they’re not immune so enable automatic updates wherever possible so you are always protected.
Install Reputable Antivirus and Anti-Malware Software
Antivirus software detects and removes known threats. Anti-malware goes broader, covering spyware, ransomware, and adware too. Great news is that Windows 11 includes Microsoft Defender, which is genuinely capable and completely free and for most people, it’s a solid baseline.
If you want extra protection, Norton, Bitdefender, and Malwarebytes are all reputable paid options. But here’s the key point: antivirus works alongside good habits, not instead of them. No software can save you if you’re clicking every link in every suspicious email.
Back Up Your Data Regularly
Ransomware locks your files and demands payment to release them. Without a backup, you’re stuck. The 3-2-1 rule is your friend here: three copies of your data, on two different types of storage, with one kept offsite or in the cloud. Google Drive, OneDrive, or a simple external hard drive (kept unplugged when not in use) all work. Test your backups occasionally. A backup that doesn’t restore when you need it isn’t a backup at all.
Secure Your Home Wi-Fi and Router
With remote working now part of daily life for millions, your home network carries both personal and professional data. That makes it a target worth protecting.
Start with the basics. Change your router’s default admin username and password immediately after setup, because default credentials are publicly listed online and attackers know them. Set a strong, unique Wi-Fi password and make sure your network uses WPA2 or WPA3 encryption (you can check this in your router’s settings). Keep your router’s firmware updated too. Most modern routers can handle this automatically if you enable it.
One thing many people miss: set up a separate guest network for your smart home devices. Smart speakers, cameras, and thermostats don’t need to sit on the same network as your laptop and phone. Isolating them limits the damage if one device gets compromised.
Ofcom’s Telecoms Security Act (2023) now requires UK ISPs to meet enhanced network security standards, but your home router security remains your responsibility.
If your connection speed has dropped unexpectedly, an unauthorised device on your network could be the cause. You can run a broadband speed test to check. And if you’re also looking to improve your connection quality, our guide on how to boost your Wi-Fi signal covers practical steps.
Not all broadband providers are equal when it comes to network-level security. Explore the broadband providers we compare to find one that suits your household’s needs.
Staying Safe on Public Wi-Fi
Public Wi-Fi, the kind you find in coffee shops, airports, and hotels, is convenient but can be very risky. “Man-in-the-middle” attacks happen when someone intercepts data between your device and the network and things like your browsing, your passwords, your login sessions all become visible.
Never log into banking apps or enter passwords on an unknown public network. If you need to do something sensitive on the go, use a VPN (Virtual Private Network). In plain English, a VPN encrypts your internet traffic so that even if someone intercepts it, they can’t read it. Alternatively, use your phone’s mobile data as a personal hotspot. It’s far safer.
Recognise and Avoid Phishing Scams
In 2024, approximately 60% of UK internet users ranked scams, fraud, and phishing as their biggest online concern. And phishing remains the most common cyber threat reported by UK businesses according to the Cyber Security Breaches Survey.
Phishing means fraudulent emails, texts (smishing), or calls (vishing) that impersonate trusted organisations to steal your passwords or financial details. There are warning signs like generic greetings such as “Dear Customer,” urgent language (“your account will be closed”), sender addresses that don’t match the supposed organisation, unexpected attachments, and links that don’t go where they claim to.
UK-specific examples are everywhere. Fake HMRC tax refund emails. Parcel delivery scam texts from “Royal Mail.” They look convincing, but they’re designed to trigger a quick, panicked click. Hover over any link before clicking to preview the actual URL. Better yet, go directly to the organisation’s website by typing the address yourself.
Vishing (telephone scams) affects landline users too. If you have a landline, take a look at our home phone and broadband bundles page, which covers how bundled services work.
Safe Online Shopping Habits
Always check for HTTPS (the padlock icon) before entering payment details. Be careful though as HTTPS means data is encrypted in transit however it doesn’t mean the site is legitimate. Scam sites use HTTPS too.
Double-check URLs for subtle misspellings like “amaz0n.co.uk”. Research unfamiliar retailers on Trustpilot before buying and for payment, use a credit card rather than a debit card. Under Section 75 of the Consumer Credit Act, credit cards offer stronger fraud protection in the UK, and this is one of the most underused consumer protections out there. Alternatively, PayPal offers similar buyer protection.
Watch out for seasonal spikes. Black Friday and Christmas see a surge in fraudulent sites. According to Home Office data, 35% of UK adults have experienced an online purchase that turned out to be fraudulent or was never delivered.
Protect Your Privacy Online
Privacy and security are deeply connected. Personal data that leaks through poor privacy settings can be used to craft more convincing, targeted attacks against you (and the attackers are getting disturbingly good at this).
Review the privacy settings on your social media accounts. Limit profile visibility to people you actually know. Be cautious about sharing your full date of birth, home address, phone number, or holiday plans publicly. That information is gold for social engineering.
Cookies track your browsing behaviour across sites. When those consent pop-ups appear, decline non-essential cookies where you can. Browser extensions like uBlock Origin help block trackers. For broader privacy concerns about how companies handle your data, the ICO (Information Commissioner’s Office) is the UK authority to contact.
Smart Home and IoT Device Security
Smart speakers, cameras, baby monitors, video doorbells. They’re convenient, but each one is a potential entry point into your home network. Change default passwords on every device, keep firmware updated, and keep them on that separate guest network we mentioned earlier. Stick to reputable manufacturers where possible. Budget devices from lesser-known brands often have weaker security and may never receive updates.
Keeping Children Safe Online
Children face real risks online and they’re not all obvious. Age-inappropriate content, cyberbullying, contact from strangers, and manipulative in-app purchase mechanics are the big ones. The good news is there are practical tools that actually help.
Start with parental controls on individual devices. They’re built into iOS, Android and Windows, so there’s no excuse not to use them. But don’t stop there. Set filters at router or broadband level too, because that covers every device connected to your home network, including the ones you’ve forgotten about. Most UK ISPs offer network-level content filters, and if the household budget is tight, social tariff broadband deals can keep costs down while still giving you a filtered, more secure connection.
Technology only goes so far though. Regular, open conversations with your children about what they’re doing online matter just as much, probably more. The UK Safer Internet Centre and Internet Matters both have solid, age-appropriate guidance for parents if you’re not sure where to start. It’s also worth sitting down with your kids and going through app permissions together. A surprising number of apps request access to cameras, microphones and location data they have absolutely no business asking for.
On the regulatory side, the UK’s Children’s Code (formally the Age Appropriate Design Code), enforced by the ICO, now requires apps and services likely to be used by children to have privacy and safety features built in by default. That’s a genuine step forward. But the rules only take you so far. Parental involvement still does the heavy lifting.
What to Do If You’ve Been Hacked or Scammed
If it happens, don’t freeze. Acting quickly makes a genuine difference. Here’s what to do:
- Change the compromised password immediately, and change it on any other account where you used the same password.
- Enable 2FA on the affected account if you haven’t already.
- Contact your bank if financial details may have been exposed. UK banks have 24/7 fraud teams.
- Scan your devices with antivirus software to check for malware.
- Warn your contacts if your email or social media was compromised. They may receive phishing messages that appear to come from you.
How to Report Cybercrime in the UK
Reporting matters, even if you think nothing will come of it. Each report helps law enforcement spot patterns and pursue perpetrators. Yet according to Home Office research, only around 8% of cybercrime victims in the UK report to police or Action Fraud. That’s far too low.
Your primary reporting channel is Action Fraud (actionfraud.police.uk), the UK’s national fraud and cybercrime reporting centre. You can report online or by phone on 0300 123 2040. For suspicious emails, forward them to report@phishing.gov.uk. For scam texts, forward to 7726 (free on all UK networks). If you’re dealing with an active financial crime in progress, call 999 or 101.
UK Resources for Online Safety
Bookmark these. They’re the most reliable UK-specific sources of help when you need them:
- NCSC (National Cyber Security Centre) – Official government cyber advice, including the “Cyber Aware” campaign with five key steps for individuals.
- Action Fraud – The UK’s national reporting centre for fraud and cybercrime.
- Get Safe Online – Free, government and industry-backed advice for individuals and businesses.
- UK Safer Internet Centre – Specialist guidance on children’s and young people’s online safety.
- ICO (Information Commissioner’s Office) – For concerns about personal data use or GDPR breaches.
Find a Broadband Deal That Keeps You Connected, and Protected
Your broadband provider plays a bigger role in your home’s online security than you might think. Some UK ISPs offer built-in network security features, parental controls, and content filters as part of their service. Use Switchity’s free comparison tool to find the best broadband deals available at your address. It takes less than 60 seconds.
You can also check what broadband deals are available in your area, learn how to switch broadband provider, or save money on your broadband with our latest comparison guides.