best privacy and security apps

The best privacy and security apps 2023 (Android & iOS)

Updated: 01/11/2023

In a world where we live much of our lives online, it’s essential that you know how to keep your personal information and data safe. There are numerous ways that cybercriminals can steal your personal and financial details if you don’t take precautionary measures.

In recent years, there’s been an increased risk of online scams and fraud, especially credit card fraud. In 2020, card theft led to a global loss of $28.65 billion. It’s all too easy to download malicious software accidentally or have your card details stolen unless you have the right protection.

We want to help you stay safe online, so we’ve found the top privacy and security apps for iOS and Android phones. Continue reading to find out how you can protect your data and secure your online accounts.


best privacy apps - ExpressVPN

Image credit: ExpressVPN/Google Play

With server locations in 94 different countries, the ExpressVPN app allows you to change your true IP address and location to anywhere else in the world. The VPN service allows you to stream, watch and listen to content from otherwise blocked and censored websites. The VPN will also protect your device from hackers when you use public Wi-Fi networks.

For an additional fee, there are a number of advanced features to choose from, such as Threat Manager (to block apps communicating with malicious third parties) and Network Lock kill switch (which blocks traffic if the VPN connection drops).

Available on: iOS & Android

Cost: in-app purchases from £10.07/€11.59 to £86.99/€100.12. 30-day money-back guarantee


best privacy apps - 1password

Image credit: 1password/Google Play

Remembering passwords and usernames for your various online accounts can seem like a nightmare. Luckily, 1password does all the work for you. The app stores all your usernames, passwords and forms so that y don’t have to remember each one. The password manager app can autofill the required information on each login page for a quick and easy sign-in.

You can safely share sensitive data with your loved ones, even if they don’t have an account with 1password. With the family account, you can update shared logins and passwords across multiple devices to ensure no one is accidentally locked out.

Available on: Requires operating systems iOS 14.0 or later & Android models 8.0 and up

Cost: from £3.79/ €4.36 p/m for individuals to £239.99/ €276.21. Free for the first 14 days


best privacy apps - Mcafee

Image credit: Mcafee/Google Play

Mcafee offers multiple levels of protection, such as antivirus, secure VPN and identity monitoring. You can browse the web knowing that your identity, location and device are safe from malicious software and cybercriminals.

The app has separate features to suit the different needs of iOS and Android devices. This ensures that the Mcafee system is able to protect your device against the latest phishing and malware attacks. The iOS version will also scan your device for the latest updates so your phone is fully protected.

Available on: iOS & Android

Cost: in-app purchases from £0.89/€1.02 to £189.99/€218.67


best privacy apps - GlassWire

Image credit: GlassWire/Google Play

GlassWire is a network monitor & security tool. You can use the app to monitor your WiFi network activity to see which devices and apps are using your network or mobile data. The in-built firewall also blocks apps from accessing your network until you allow or deny access.

The Android app will notify you if there are any suspicious anomalies in your network traffic as well as abnormal data consumption. You can keep track of past and present network data via the app in an easy-to-read graph.

Available on: Android

Cost: Free version or in-app purchases from £0.89/€1.02 to £4.59/€5.28


best privacy apps - Notesnook

Image credit: Notesnook/Google Play

Whether you’re noting down your weekly shopping list or keeping track of a work project, the Notesnook app helps keep your notes safe with end-to-end encryption. You can save and share information with zero tracking or spying.

You can add videos, images and file attachments to your notes and export them at any time. The app will remain locked even if your device is unlocked, which stops anyone from stumbling upon your private information. Don’t worry if you’re not connected to a network — you can make notes offline and sync them instantly when you’re back online.

Available on: iOS & Android

Cost: Free version or in-app purchases from £0.99/€1.14 to £52.99/€60.99

Protect your privacy with a prepaid card

For added security, it’s a good idea to use a prepaid card when you purchase apps on the App Store or the Google Play Store. The cards aren’t directly linked to your bank account, which means cybercriminals will never have access to your total funds. You can only add a certain amount of money to your prepaid card at any time. This limits the number of purchases fraudsters can make if they do gain access to your card details.

If you use a credit card over public Wi-Fi, for example, your bank account could be hacked by cybercriminals who have compromised the connection. On the other hand, if you use a prepaid card over public Wi-Fi, there is no way that cybercriminals can use it to access your bank account.

You can also use prepaid cards to safely buy from thousands of merchants both online and in-store, as well as through PayPal. It means you can shop safely while knowing that your bank account and financial details are fully protected.

Getsby offers two types of virtual card: our reloadable Virtual Green Card and our disposable Virtual Black card.

Virtual Green Card

Virtual Green Card

  • Instant delivery
  • No credit check
  • Apple Pay & Google Pay
  • Card fee € 3.99
  • Top-up: 3.0% (min € 2)
Learn more
do not show Onlyfans on statement

Virtual Black Card

  • Instant delivery
  • No credit check
  • Apple Pay & Google Pay
  • Card fee € 2.99 + 3.0%
  • 5 cards per day
Learn more


What apps should not be on my phone?

Although it can be tempting to download the trendy new gaming app or a local weather app, you should be cautious. Countless apps on app stores will request access to your location, full name and other types of personal data when you go to download them. The apps will then sell this information to third parties, which could put your privacy and security at risk.

Who can see what I do on my phone?

When you download a new app, it’s likely that you agree to the Terms and Conditions without fully understanding what they are. You could be giving an app access to your location, contacts, camera and microphone without even realising it.

When you download a new app, you should try to see what permissions the app wants so that you can decide whether you’re happy to share that information. If you don’t feel happy sharing that level of personal information, it’s advisable to try and find another app to use.

How can I tell if my phone is being monitored?

The following are some tell-tale signs that your device may be monitored. However, it’s important to remember that these are indicators rather than definitive signs.

  • Slow performance – malware could be causing your phone to lag because it’s sending your personal data, photos and documents to an external server
  • Overheating – your phone may be overheating because malware is constantly operating in the background
  • Abnormally high data usage – hackers may be using your data to remotely access your phone to transfer your information and files to an external server
  • Random reboots – a hacker may have remote access to your phone and is trying to reset the password and username for your online accounts so they can gain access
  • Strange text messages – a hacker may be using your phone’s text system to communicate with their server or to encourage you to click on sinister links

Do apps collect personal data?

When you download an app, you’ll likely have to authorise the app to access personal information such as your contacts, location or your documents. The apps may need access to this information to help their systems run properly. If you want your weather app to forecast the weather in your location, for example, it makes sense that it requests access to your location. However, the app may want access to your information so that it can sell it to third-party companies. This could lead to a number of spam calls or potential cyber-attacks.

You need to be aware of what information you allow your apps to collect to protect your online privacy and security. Try to read the Terms and Conditions before you download an app. This will help make sure you are aware and comfortable with the level of personal information that you are sharing.


Protecting your personal data is an essential part of having an online presence. Luckily, there are a number of iOS and Android apps that you can download that will protect you against malware, viruses and cybercriminals who may try to steal your data.

As a minimum, you should try to take basic steps such as using a VPN or encrypted connection when using public Wi-Fi networks. However, it’s advisable to use iOS and Android antivirus apps to help protect your device if you accidentally download malicious apps or click on a harmful link. Many apps include additional security features that can offer better protection to your phone, such as password encryption and firewalls.

Is Getsby Safe

Is Getsby Safe?

These days, more people are doing their shopping online. Not only is internet shopping more convenient as you don’t even need to leave the house, but it is easier to find exactly what you are looking for — and at a competitive price. As well as shopping online, the internet is now also used to pay bills, transfer money and for subscriptions and gaming. For added convenience, your card details are memorised by websites or apps or stored on your device.

While this saves you from having to input your information each time you make a purchase or transfer, it does provide fraudsters with more opportunities to steal your personal details and money. The result is that millions of people fall victim to identity theft and fraud every year.

It is for this reason that more people are now choosing to pay for goods and services with virtual cards rather than physical cards. With online financial transactions, you do still need to be vigilant and ensure you’ve installed the necessary software, but virtual cards provide an extra layer of security.

If you are considering getting a virtual credit card, you may be wondering how safe they are. With that in mind, we’ve written this article to reassure you. In it, we’ll take you through all the safety features of Getsby’s virtual cards.

Is Getsby legit?

Getsby is a provider of virtual cards and virtual gift cards. Registered in the Netherlands, Getsby Mastercard debit cards are issued by DiPocket UAB and DiPocket Ltd., under its electronic money institution licence. DiPocket is a Financial Institution authorised and regulated by the Financial Conduct Authority and the Bank of Lithuania.

We carefully safeguard the information we hold about you, including your personal data, and are compliant with payment industry standards, including the PCI DSS.

Year Founded: 2014

Available countries: Open to customers in the EEA/EFTA/UK

Products: Virtual cards and virtual gift cards

Card services: Spend in 200+ countries worldwide. Pay online and in-store.

Is Getsby safe to use?

Security and online protectionHere at Getsby we’ve added layers of security to our virtual cards in order to protect your sensitive financial information. This is via a range of safety features, including 3D Secure, biometric identification and payment tokenization. Also, the cards are not linked to your bank account, so your bank details won’t be compromised in the event of a security breach. Additionally, there is no physical card for thieves to steal.

This means you can pay for online subscriptions and games and do internet shopping safely in the knowledge that your privacy will be protected and thieves won’t be able to steal your personal or financial information. You can also shop in your favourite stores, pay for dinner in your favourite restaurant or spend your money wherever Mastercard is accepted, safe in the knowledge that Getsby is safe to use.

Continue reading to find out more about how Getsby protects your privacy and keeps your details safe from fraudsters.


What are Getsby cards?

Getsby’s virtual cards are digital Mastercard cards that you apply for online.

Getsby offers three types of virtual prepaid cards: The Virtual Black Card, the Virtual Green Card and the Virtual Gift Card. Getsby’s Virtual Black Cards are disposable digital payment cards that are designed for one-time payments. The Virtual Green Card allows you to load money onto it as and when you need it, which can help with budgeting and overspending. Getsby’s Corporate Virtual Gift Cards are international gift cards that can be used worldwide, making them the ideal gift for business owners to give to customers or reward employees with.

Virtual Card detailsInstead of a physical plastic card, you will be given online access to a 16-digit card number, expiry date and three-digit CVV number in order to make purchases. This means you can use a virtual card anywhere you see the Mastercard Acceptance Mark. You can make purchases in physical locations — including contactless payments — receive cash-back when making purchases in physical stores, withdraw money from ATMs that have a contactless symbol, and make online and telephone purchases. You can also add the card to your Apple or Google mobile wallet. It is worth noting, though, that the card cannot be used for other cash transactions, such as withdrawing cash from a bank or purchasing traveller’s cheques or foreign currency from a bureau de change.

Virtual cards have many advantages, but one of the greatest is the level of security that they provide. Your bank details will never be revealed using Getsby’s virtual cards because they are not connected to your bank account. And even the money that’s been loaded onto the card has layers of protection against cyber thieves.

To enhance security, your card will be automatically registered for Mastercard Identity Check. This means that when you use your card for online purchases, you may be required to enter a code that will be sent to your mobile phone number, or you will need to authorise a transaction via the app.

If your card details have been compromised, a thief won’t be able to spend more than what’s been loaded onto the card as there’s no overdraft or credit limit, and you are able to freeze the card in just a couple of clicks.

What are the safety features of a Getsby virtual card?

Getsby is committed to protecting your personal and financial details. Before we reveal the safety features of a Getsby card, we want to assure you that we will never contact you to request any of your personalised security features — nor will we ask anyone else to do so on our behalf. A request like this is likely to be fraudulent, and under no circumstances should you provide any of your personal security information. We advise you to treat emails from senders claiming to be Getsby with caution — especially if they are asking you to reveal any personalised security features — and we request that you report any activity like this to us immediately.

The following safety features give peace of mind when using your card online and via your mobile wallet while you’re out and about:

1. PCI DSS compliant

As a company that provides digital payment cards and stores and processes sensitive information, we take security very seriously. We are PCI DSS compliant (Payment Card Industry Digital Security Standard), which means that we follow a set of industry security standards to secure card transactions against theft and data breaches. The measures that we follow include:

  • Installation and use of firewalls
  • Encrypting data
  • Use of anti-virus software
  • Monitoring and testing networks
  • Maintaining an information security policy

Getsby Mastercard debit cards are issued by DiPocket UAB and DiPocket Ltd, who are PCI Level 1. As a merchant that processes more than 6 million transactions per year, DiPocket is held to the highest compliance level standards when it comes to safeguarding customer data.

2. 3D Secure

Also known as 3DS, 3D Secure provides an additional authentication step when making payments. It was introduced by Visa with the “Verified by Visa” payment process, and thanks to its success at minimising payment fraud, it has since been implemented by almost every financial service company for online card transactions. This includes Mastercard’s SecureCode, which is used by Getsby. While every 3D Secure protocol differs slightly, they all utilise the same technology.

How does 3D Secure work?

To make an online payment in the past, you only had to enter your name, card number, card expiry day and CVV number, but with 3D Secure, you also have to do one or more of the following:

  • Enter your password
  • Answer a question you previously provided the answer to
  • Confirm a one-time code which is sent to you via text message or email

If you enter the correct information, you will be redirected back to the merchant’s website, where a “Transaction successful” screen will appear after a couple of seconds.

3. Biometric identification

Man using biometric identification on mobile phoneAnother way to confirm your identity when making online purchases or other payments using your mobile wallet is biometric identification.

This is where your identity is confirmed by capturing your biometric data. This is done by either taking a photograph of your face, capturing an image of your fingerprint or recording your voice.

4. Payment tokenization

Tokenization is where a piece of data — known as a “token” — is given in place of your actual card details. An algorithmic code translates your card details into a series of letters and numbers to prevent fraudsters from being able to access your information. Even if the website where you input your details were to become a victim of a security breach, the information the scammers managed to intercept would be meaningless to them as they wouldn’t be able to interpret it.

The tokenization security measure is used in many online transactions in order to safeguard the sensitive financial data of both buyers and sellers.

5. Not linked to your bank account

A Getsby virtual card isn’t linked to your bank account, so there is no way for cyber thieves to steal your account information. You simply transfer a small amount of cash at a time.

Considering the measures outlined above, with a Getsby card, it is unlikely that you will fall victim to cyber fraud, but even if your details are compromised, the thief won’t be able to take any more than what you’ve loaded onto it, and in any case, the card can be frozen immediately.

6. No physical card to steal

Because there is no physical card to steal, there’s no risk of it being lost or stolen. This means there won’t be any opportunity for thieves to clone it and use it to make purchases.

How does Getsby use customer information?

Getsby respects the privacy of all its customers and ensures that the personal information provided to us is treated confidentially.

When you sign up for one of our cards, we will ask you for some personal information in order to provide you with our service. This data is stored on secure servers and will not be combined with any other personal information that we have.

Where can I use a Getsby card?

Now you have the reassurance that Getsby prepaid cards are safe to use, you may be wondering where you can use them.

You can use your Getsby virtual prepaid card for online purchases anywhere you see the Mastercard symbol. Or you can add it to Apple Pay or Google Pay for in-store purchases.

Some of the ways you might want to use your Getsby card include the following:

  • Subscriptions — Subscribe to services like Netflix, Twitch, OnlyFans and F1 TV to have greater control over your recurring spend
  • Gaming — Make one-time game purchases online
  • Paying bills — Pay your bills knowing that your provider can’t take more than what’s been loaded onto the card (which they may try to do if there are hidden fees)
  • Online shopping — Use your Getsby card on websites that carry the Mastercard symbol
  • Gifting — Load money onto a Getsby prepaid card and give it as a gift card
  • Budgeting for children or teens — Manage your child’s spending and teach them about budgeting


More people are now choosing to pay for goods and services with virtual cards rather than physical cards. You do still need to be vigilant and ensure you’ve installed the necessary software when making online payments, but virtual cards provide an extra layer of security.

Getsby prepaid virtual cards are much safer to use than regular credit or debit cards. This is because of the following safety features:

  1. 3D Secure —  Getsby uses the Mastercard SecureCode as an additional authentication step when making payments
  2. Biometric identification — When making purchases using your Getsby card, you will be required to confirm your identity via biometric identification
  3. Payment tokenization — An algorithmic code translates your card details into a series of letters and numbers to prevent fraudsters from being able to access your information
  4. Not linked to your bank account — This means your bank details won’t be compromised in the event of a security breach
  5. No physical card — So there’s no risk of it being lost or stolen
Online shopping risk

The risks of online shopping and how to stay safe

Updated: 02/11/2023

Online shopping has grown in popularity over the last decade. In 2021, e-retail sales accounted for over $5.2 trillion worldwide, and the projections show that by 2026 almost a quarter of all sales will be done online. Online shopping is quicker, easier, and offers consumers greater choice than regular shops.

However, it is not without its risks. Since the start of the Covid-19 pandemic, cases of fraud and cybercrime in the UK and across the world have risen sharply. In 2021, over £1.3 billion was stolen, with purchase scams – in which the victim is conned into buying something that does not exist – accounting for nearly £65 million of the total figure.

So, while the internet provides shoppers with a cornucopia of products that can be on their doorstep in just a few days (or even hours), it also provides con artists and scammers with more opportunities to grift and exploit unsuspecting internet users.

But fear not, as there are plenty of things you can do to ensure you stay safe when shopping online. We are going to look at some of the risks of online shopping and what you can do to protect yourself.

How do you stay safe when shopping online?

Online shopping comes with risks, but if you are vigilant and aware of the dangers, you can stay safe. Stick to the following guidelines to ensure you remain as safe and secure as possible:

  • Avoid making payments on public WiFi
  • Use a prepaid card such as a Getsby virtual card
  • Install anti-virus software
  • Don’t click on links in emails
  • Look at the safety features of the website
  • Check the Terms & Conditions and Privacy Policies.

So let’s jump in and take a closer look at some of the risks of online shopping.

What are the risks of online shopping?

Risks when online shopping include:

  • Identity fraud
  • Fake stores
  • Data breaches
  • Fake reviews
  • Adware
  • Phishing
  • Unencrypted data

We will explore how to overcome these risks in greater detail later on, but let’s take a closer look at each of them and the threats they pose.

Identity fraud

Online identity fraud or identity theft involves cybercriminals hacking a user’s login or card details and using them to make online purchases on e-commerce websites. The cybercriminal may also sell the user’s personal details to other online criminals to use for fraudulent purchases.

Fake stores

The freedom of the internet allows anyone to set up a website with relative ease and little investment. While this is great for democratizing the web and the digital landscape, it also means that scammers and nefarious actors can set up fake online stores.

Many of these fake online stores look and feel just like legitimate ones, as they often use the same copy, design, and layout. But the reality is, if you make a purchase, you will either never receive the product, or you will be sent a low-quality fake.

Fake stores can open and close within 24 hours, so there may be little trace of the website left online by the time you realize you have been scammed.

Data breaches

When shopping online, you almost always share the following things at a minimum: your contact information, address, and bank details. If an e-commerce site is hacked, your details could be exposed, which would represent a data breach.

Fake reviews

One of the main downsides of buying anything online is that you cannot examine the product before you buy it. While you can always return any items you buy, you will often have to pay a postage and packaging fee to make the return.

Many online shoppers read reviews of products before they make a purchase to see what previous customers have thought. However, you should be aware that many online reviews are fake and may even have been uploaded by the seller.


Adware is any popup ad that appears when you browse the internet. While adware can be legitimate, it can also be used for fraudulent purposes by cybercriminals seeking to divert you to malicious sites or infect your system with malware and computer viruses.


Phishing is when scammers send fraudulent emails that look as if they are from genuine retailers or other senders. The email usually contains a link or attachment that infects the user’s computer with a virus when clicked.

Scroll back to the top ▴

Tips for staying safe when shopping online

When shopping online, you can ensure that you remain as safe and secure as possible by adhering to the following online shopping safety tips.

Use a prepaid card

Unlike a regular credit or debit card, a prepaid card is not linked to a bank account. Instead, when you use a prepaid card, you are only able to use the money you have put on the card from another account.

Prepaid cards use payment tokenization in which a user’s sensitive information is protected by a surrogate for their real account details. If a hacker manages to hack a system, they will only have access to the money on your prepaid card, which can be as little or as much as you like.

Getsby’s prepaid card is also 3D secure, which means it requires additional authentication steps when making online payments, further heightening the security of the card.


Order your Virtual Card today


Don’t follow links in emails

If you receive a promotional or any other type of email from an online retailer, do not follow any links within it, as it could be a phishing scam. Even if the email looks as if it is from a reputable retailer, there are clever scammers out there who can craft design and copy to make it appear legitimate.

If there is a link redirecting you to a website, it is best to find the stores via a search engine and then log in to the store and find the information you need on the site.

Download anti-virus software

Anti-virus software can detect malware and trackers on suspicious sites and warn you before entering them. You should always install any updates that come with the anti-virus software, as hackers and cybercriminals can take advantage of software that isn’t up to date.

Don’t use public WiFi for online shopping

Public WiFi networks can be great if you want to catch up on some emails or finish off some work in a cafe or on a train.

However, you should never do anything that involves sharing sensitive information while accessing a public WiFi network because they are particularly vulnerable to hackers. This includes buying things online, even if your card details and delivery information are pre-stored.

If you are in a public place and need to use the internet to buy something or share other sensitive information, you should wait until you can access a secure internet connection that is not public, or try using your mobile data either on your phone or as an internet hotspot. Both options are far more secure than a public WiFi network.

Change your passwords

You should use strong passwords that are different for each of your online accounts. In 2019, 23.2 million people were hacked worldwide because they had the password 123456.

Your passwords should contain a collection of letters, numbers, and symbols, and they should be different for each site. A good tip is to use the first letter of each word for a sentence you won’t forget. For example, if your grandmother was called Dorothy and she was born in February 1945, your memorable sentence could be:

  • Was my grandmother Dorothy born in February 1945?

And the password would then look like this:

  • WmgDbiF1945?

As you can see, the password looks like complete gobbledegook to an outsider, but for you, it represents an easily memorable sentence.

Update your computer

Keeping your computer’s operating system updated is important for ensuring that it is protected from viruses and malware. Hackers are able to find weak spots in operating systems that they can exploit and then infiltrate your computer. So be sure to stay on top of all the updates your computer needs.

Check the site’s security

A simple but effective way to check a site’s security is to keep an eye out for the padlock symbol in the left corner of the URL address bar. This is known as the “secure sockets layer” and lets you know that the site you are on is safe.

Also, when buying anything online, check that the website address begins with “https” rather than “http.” The additional S stands for secure.

Check the Terms & Conditions and Privacy Policies

Another way of checking the authenticity of a site is to read the Terms & Conditions and Privacy Policies. You should be able to find these on the website, either before you pay or in the webpage footer.

If there are no Terms & Conditions or a Privacy Policy, or if they are there but are suspiciously short, contain spelling and grammar mistakes, or are filled with random text, then you should not trust the site nor make a purchase on it.

Only shop online with retailers you trust

Only shopping with retailers you trust means you should stay on sites you are familiar with rather than buying products on unknown sites you haven’t heard of before.

Of course, you may find something you want to buy that is only available on a niche website you have not encountered. If this happens, perform some of the following checks to ensure the site is legitimate:

  • Check for the lock symbol and the https prefix, as outlined above.
  • Read the copy on the site and check for spelling mistakes or obvious grammatical errors, as this could be a sign that the site may not be trustworthy.
  • Check the social media pages – if there are any – that are affiliated with the site.
  • Check for customer reviews – but remember that not all reviews are trustworthy!
  • Read the returns policy. If the site doesn’t have a returns policy, a contact number or email address, or a physical address, these are all red flags that could indicate the site is not to be trusted, and you should look elsewhere.

Scroll back to the top ▴

How else can prepaid cards help your online shopping experience?

As we have seen, prepaid cards such as Getsby can ensure you have a secure online shopping experience. But did you know that there are many other benefits to prepaid cards?

For example, prepaid cards can help you to budget and spend wisely. Because you have to upload money onto the card, you can set yourself a monthly limit for how much you want to spend online. Instead of having all the money you have in your current account at your disposal, you will only have the money you have set aside for online spending that month, week, or year.

Getsby’s prepaid cards also don’t charge currency transaction fees. This means you can buy products or services from abroad and not be charged extra for converting from one currency to another.

Getsby cards can be used at any retailer that accepts Mastercard payments. So, unlike many other secure prepaid cards, a Getsby card gives you access to millions of stores worldwide. You can even use your Getsby card for in-person shopping by linking it to your Apple or Google Pay account.

Virtual Green Card

Virtual Green Card

  • Instant delivery
  • No credit check
  • Apple Pay & Google Pay
  • Card fee € 3.99
  • Top-up: 3.0% (min € 2)
Learn more
do not show Onlyfans on statement

Virtual Black Card

  • Instant delivery
  • No credit check
  • Apple Pay & Google Pay
  • Card fee € 2.99 + 3.0%
  • 5 cards per day
Learn more


Despite there being risks, you should be able to shop safely online, provided you exercise the necessary precautions and remain vigilant for any red flags. Keep an eye out for anything that looks suspicious, be wary of following links, and download anti-virus software to alert you to potential threats. Also, consider paying with a prepaid card to keep your bank details offline and to limit the amount of money that can be stolen if you do get hacked.

phishing scams

How to spot and avoid phishing scams

We send and receive emails every single day. Whether that’s for work or in our personal lives, emails have become a common method of communication for us.

Due to this, we often receive a large number of spam emails in our inboxes. For instance, in September 2021, an average of 105.67 billion emails were sent daily, of which 88.88 billion were spam emails – a whopping 84.1%.

Many of these are simply promotional emails from businesses and individuals looking to sell you their goods or services. However, a significant portion of these spam emails are sent with malicious intent, such as phishing attacks.

Phishing scams are a popular method that tricks users into revealing their card or bank details online. Fraudsters who gain this information often go on to commit Card Not Present fraud (CNP), a common type of scam where the real owner of the card is not present during the payment.

To ensure your financial information remains safe, we’ve created this article to help you understand what phishing scams are, how to spot them, and how to avoid them.

Identifying phishing emails (and text messages) can be difficult, but they often convey a sense of urgency, requiring you to take quick action. They’ll usually ask for sensitive information such as credit card details or ask you to click on a suspicious-looking link. These key giveaways let you know you are on the receiving end of a phishing scam.

Whilst you can’t get rid of phishing emails from your life completely, you can protect yourself from them by first educating yourself on what they look like, using multi-factor authentication on all your accounts, and verifying a website’s security before entering any information.

But before we go into more detail, let’s take a step back and explain what phishing is.

What is Phishing?

Phishing is when scammers impersonate reputable businesses and attempt to trick users into downloading malware or clicking on a fraudulent website to steal personal or financial information.

By presenting themselves as a trusted business, users often let their guard down and follow the actions outlined in the email. These actions can include:

  • Opening an attachment.
  • Clicking on a link.
  • Filling out a form.
  • Replying to the email with certain information.

It should be noted that phishing scams can be in the form of text messages and phone calls. However, it’s most commonly associated with emails.

What is the difference between spam phishing and targeted phishing?

Spam phishing is when phishers send the same generic email to as many people as possible. Essentially, they are casting a wide net and trying to trick as many people as they can, regardless of who they are.

Since scammers don’t need to tailor their emails to a specific person, it is the easiest phishing method. As such, spam phishing is by far the most common type of phishing scam you’ll encounter.

Targeted phishing, also known as spear phishing, is when a specific email is sent to a specific target. The targets can be individuals or groups of people, such as employees of a particular business or organisation.

Since targeted phishing scams are more personalised, they require much more effort from the phisher, and as a result, they’re not as common as spam phishing emails. However, they can be harder to identify as scams due to that very reason.

Scroll back to the top ▴

How to spot phishing scams?

Spotting phishing emails isn’t always easy. Since they are designed to look like they’re sent from an actual business, it can be difficult to tell the difference between a regular email and a malicious one. Still, there are a few key things to look out for which can help differentiate between the two.

1. Emails requiring urgent action

Phishing emails typically describe a scenario that requires your urgent attention and action. Examples include security threats to one of your banking or social media accounts or an urgent fine you must pay off.

This is done to put you in a state of panic where you’re no longer thinking logically. As such, you won’t notice certain things, such as irregularities in the email, that can mark it as a scam.

If you receive one of these suspicious emails, you should first pause and take a minute to process what it says. By carefully dissecting the email, you’ll often notice inconsistencies that point toward it being a phishing scam.

2. Emails with inconsistencies

If you can find differences in the email address, the link they ask you to click on, and the website domain name, it’s a good indication that you have received a phishing attack. An example of this would be if you received an email from ‘Google’, but the link they asked you to click on was ‘Gooogle’ with three o’s.

You can verify this by moving your mouse above the link. A pop-up will appear at the bottom left of your browser. If this domain name doesn’t match up, it’s safe to say that the link takes you to a malicious website, and you should not click on it.

3. Emails that request sensitive information

As a general rule of thumb, any email that asks for your sensitive data – such as your login details, bank details, or other personal or financial information – should be treated with care, as this is a common way phishers try to trick victims.

These are often phishing attempts where the scammer will ask you to click on a link and enter your sensitive information. Once you have given the information over, the scammer will use this in identity theft.

4. Emails with grammar and spelling errors

One of the main inconsistencies you’ll notice with a phishing email is spelling and grammar mistakes. Reputable and legitimate businesses will double, and triple-check all outgoing emails for spelling and grammatical errors since mistakes like those can create an unprofessional perception of their company.

On the other hand, most phishing attacks are made by a single person whose main goal is to target as many online accounts and people as possible. As such, they’re often not as diligent with typos and grammar mistakes, making it an easy way to spot phishing scams.

5. Emails with suspicious links

A common theme you may have noticed is the use of malicious links. Most phishing scams involve redirecting you away from your email client to a malicious site called a phishing site.

Phishing email scam with a suspicious attachmentThese phishing sites often appear to be the same as the website they’re impersonating, which is why people fall for the trap. However, these websites have nothing in common with the real thing, and any information entered there will be given straight to the scammer.

6. Emails with suspicious attachments

Similarly to the point above, you may receive suspicious attachments – typically files in the form of .zip, .exe, .scr, etc. If you download these files, they will install malware on your device, which will then be used to monitor your activity and keystrokes, thus, gaining access to your accounts.

7. Emails that offer rewards and prizes

It would be silly to say no to a free prize, right? This is exactly what scammers hope for when they send you these emails.

Suppose you receive a random email about how to claim your free reward. In that case, there’s a good chance it’s a phishing email and cannot be trusted – if it sounds too good to be true, it probably is.

What are some examples of common phishing scams?

As internet users become smarter, so do phishing scammers. That’s why creating a complete list of phishing methods they use is difficult. However, there are some common emails you’ll come across. They’ll typically impersonate the following:

  • A ‘friend’ asking for financial help
  • Your bank provider notifying you of a security breach that requires your verification
  • A government agency informing you of a tax rebate
  • A charity asking for donations
  • An investment platform with an investment opportunity
  • A lottery association telling you to claim your prize

How to avoid phishing scams?

The quantity and frequency at which you receive phishing emails are largely out of your control – it’s simply bound to happen. However, there are some things you can do to minimise how many you receive and how to avoid falling victim to them.

1. Know what a phishing scam looks like/know the signs

phishing scam with unknown filesOne of the best things you can do to protect yourself from phishing scams is to be educated on the topic. We’ve already gone through how to spot them and some common examples of what they look like, but that doesn’t mean you shouldn’t keep up to date on current phishing tactics.

Scammers are constantly evolving the methods by which they look to trick people. Therefore, the best way to prevent phishing scams is to know what to look for, and you can do this by keeping tabs on new phishing trends.

2. Use multi-factor authentication

Multi-factor authentication is when a user must pass two or more security checks before access to an online account is granted. The most common example is when you try to log in with a username and password. Then a one-time passcode or PIN is sent to the email address or phone number to verify the login attempt.

Due to fraud-prevention laws and regulations, multi-factor authentication is standard practice for online transactions. However, it’s now being used by websites and apps.

If you have the option to do so, it’s highly recommended to use multi-factor authentication on all of your online accounts, as this will prevent scammers from gaining access even if they know your login details.

3. Take advantage of a password manager

Many websites ask you to make an account before making a purchase or accessing its content. For that reason, it can be hard to keep track of all your username and passwords.

Some people make the mistake of using the same password across multiple websites or making their password incredibly easy to remember – and in some cases, both. However, this makes it easy for scammers to access your accounts and information. To remedy this, use a password manager.

A password manager stores all your usernames and passwords in one place. It also recommends complex passwords that would otherwise be impossible to remember, ensuring your account is extra secure.

In addition, password managers will automatically fill in your login details when you access that particular site. Therefore, if you visit a website and your login details aren’t auto-populated, it’s a good sign that you are on a phishing site.

4. Don’t delete phishing emails

When you encounter an email you suspect to be a phishing attempt, it can be tempting to mark it as junk or simply delete it. However, a better alternative is to report it as ‘phishing’. This informs the email client to add the sender’s email domain to a blocked list, which means you will not receive any subsequent emails from that domain name again.

Reporting emails as phishing also provides data to the email client, which is then used to further improve its phishing prevention filters, ensuring you aren’t sent similar emails in the future.

5. Set up a private email address

A simple and effective tool to prevent phishing scams – but one that’s often overlooked – is to set up a private email address for all your important websites, such as online banking and bills.

Many people use the same email address for all their online accounts, which is dangerous. An email address that’s used on social media platforms, forums, and other websites can easily end up in an online directory, and phishing scammers often scour these directories for email addresses to send phishing messages to.

By keeping all your important emails restricted to a separate and private email address, you’ll significantly reduce the chance of it falling into the hands of a phishing scammer. Also, if you still end up receiving a phishing email, it will be easier to identify and block.

6. Don’t click on suspicious links

It’s fine to follow through on links when you’re 100% sure it’s from a trusted sender. However, if you have even the slightest suspicion, don’t click on it – it’s better to be safe than sorry. Instead, you can go to the website via a search engine, as this will ensure you aren’t redirected to a malicious site.

7. Verify a website’s security

You can verify if a link will take you to a secure site by hovering over it. Suppose the URL does not start with “https://”. In that case, the connection won’t be secure, and you should not enter any sensitive information on the website.

Another way to check whether a website is secure is to see if it has a closed padlock sign next to the URL. Checking whether the website you’re visiting has a closed padlock and “https://” in its URL is a good habit to get into, and you should do it before submitting any kind of information on all websites.

This is particularly relevant for when you’re shopping online as you’ll be entering your debit or credit card details onto the website.

For additional security and protection against payment fraud and data leaks on the internet, you can use a virtual card. Virtual cards have tokenization, meaning the card number is obscured, making it impossible for scammers or hackers to acquire your card details.

8. Utilise anti-phishing tools

You can now download free anti-phishing add-ons to your browser to help identify online scams. Anti-phishing add-ons will flag a website if they believe it exposes you to a phishing attempt, which can act as an extra layer of protection.

9. Install antivirus software

On a similar note to the point above, installing antivirus software can help you identify when you’re on a malicious website, or when a program or website has attempted to download suspicious software onto your device. As such, it provides yet another layer of security as you browse the internet.

10. Update your browser immediately

Requests to update your browser can come at an inconvenient time, and we’ve all been guilty of ignoring them every now and then. However, they’re essential for your cyber security.

Most browser updates improve their ability to detect and prevent phishing attacks, viruses, spyware, adware, trojans and more. Thus, they improve the overall security of your device.

By not updating them on time, you could open yourself up to phishers and hackers who have found a way to exploit the browser’s system.

11. Leave the pop-ups alone

This advice has been around since the start of the internet, but don’t interact with pop-ups. Although pop-ups can just be advertisements, they are used for malicious purposes in many cases.

They either masquerade as legitimate websites to entice users into entering personal or financial information, or they can often result in malware being downloaded onto your device – both of which can be equally damaging. Therefore, it’s best to steer clear of pop-ups and click the ‘x’ button to close them.

To avoid pop-ups being shown in the first place, there are many well-known and reputable ad-blockers that you can download as an add-on for your browser.

Scroll back to the top ▴

Final thoughts

Whether we like it or not, we will be on the receiving end of a phishing scam. It’s just one of the many ways in which scammers try to deceive users into revealing sensitive information, such as bank and card details.

By posing as a legitimate business and often asking you to take urgent action, they attempt to use your trust and good nature against you. However, these scams aren’t foolproof.

In recognising the tell-tale signs outlined in this article, you’ll be able to identify a phishing scam and prevent yourself from falling victim to them.

phishing scams

Credit card fraud: Five scams to watch out for

Contactless payment was introduced to make our lives more convenient. Unfortunately, as technology evolves and becomes more sophisticated, so do scams. Research has found that payment card fraud (which includes debit and credit cards) is one of the most common types of fraud in the UK, affecting around one in five people.

Scammers are constantly coming up with new and inventive ways to steal our money. This is why it’s so important to be aware of the latest credit card scams and recognise the signs before your money is taken.

If the worst does happen, your credit card company may be able to reimburse you. But considering the time and hassle that’s involved in getting the money back, it’s best to do everything you can to ensure you’re not a victim of credit card fraud in the first place.

With that in mind, we’ve written this article, which reveals five credit card scams to watch out for and lists some credit card fraud warning signs. With European Cybersecurity Month well underway, what better time to brush up on your credit card security knowledge? We will also give tips on how to protect yourself from credit card scams and explain what to do if you fall victim.

What credit card scams should I watch out for?

Card not present fraud (CNP) is a common type of fraud affecting credit and debit card owners. CNP happens when card and personal details are stolen and used to make fraudulent payments without the card owner’s consent. When payments are made online or over the phone, it’s harder for retailers to confirm that the person making the payment is the card’s true owner.

In Europe, CNP accounted for 79% of the total value of card fraud in 2018 and 76% in the UK in 2019. Fraudsters will often use phishing and skimming scams to gain card details to commit CNP. With phishing scams, you’re tricked into disclosing your credit card details. When it comes to skimming, scammers will use a device to steal your credit card details.

Your credit card details can also be stolen over an unsecured Wi-Fi network. You should also watch out for online shopping and charitable donation scams, where your information is obtained by false pretences.

Continue reading to find out more about these credit card scams and how they work.


Five credit card scams to watch out for

1. Phishing

Phishing is when a scammer contacts you via phone, email or text message and tricks you into disclosing your credit card details or other personal information.

In many cases, the scammer will pretend to be from a well-known company you already use and will be urgent in tone to get you to act quickly. For example, you might get an email from your “water supplier” saying that you need to update your payment details quickly; otherwise, your supply will be cut off. When you click on the link in the email, you will be taken to a clone of your supplier’s website, which looks the same but steals your credit card information.

These types of scams often target older people, who are more vulnerable because they tend to be less technologically savvy.

2. Skimming

In skimming scams, fraudsters attach devices to credit card readers and payment terminals, such as ATMs, in order to collect your credit card details. The scammers will then sell the information on or use it to make duplicate credit cards.

Credit card companies like Visa and Mastercard have tried to combat this by installing chips to prevent physical scans. However, skimming is still one of the most common methods of credit card fraud.

3. Online shopping

This credit card scam involves fake eCommerce websites, which look like legitimate online shops that ask you to enter your details to pay for items you never get.

While some websites will only accept payment methods like cryptocurrency or wire transfer (which are harder to reverse), the ones that do allow credit card payments are able to steal your credit card data.

These websites are often extremely convincing, featuring trademarks, professional imagery and the “https” lock symbol in the URL.

Another way fraudsters target online shoppers is by manipulating those who are looking for deals. Sometimes, this scam takes the form of an email that contains a bogus link, which, when clicked on, triggers a malware download for scammers to access your credit card details. Again, the email or text message will look professional and legitimate.

4. Unsecured Wi-Fi

Another common credit card scam is where fraudsters either monitor an unsecured public Wi-Fi network or create their own network to lure in members of the public.

When you try to connect to the network, you will be prompted to enter your credit card details to gain access, which the scammers will steal there and then, or your device will be infected with malware so hackers can access your data later.

5. Charitable donations

After a world disaster like a flood, a hurricane or a declaration of war, you might receive a phone call or an email from credit card scammers pretending to be from a charity like the Red Cross or the Salvation Army, asking for donations to support relief efforts. This is a particularly cruel scam because it tugs on people’s heartstrings and plays on the fact that they want to do something to help others in a time of crisis.

These types of scams are also presented in an urgent manner to get people to part with their money quickly before they’ve had time to consider the fact that it might not be a genuine appeal.

Scroll back to the top ▴

Credit card fraud warning signs

While it’s not always possible to identify a credit card scam, there are some red flags to look out for:

  • Alerts from your bank — Be especially vigilant if your bank or credit card company has messaged you recently to warn you of new or increased credit card scams. They will also message you directly if they detect suspicious activity on your account. However, scammers will sometimes message people pretending to be their bank. If you’re at all suspicious, it’s important to remember that a legitimate bank will never call you up and ask for sensitive details like your PIN or password or ask you to move your money to another account.
  • Suspicious activity on your account — Go through your credit card statements and take note of any charges or transactions you don’t recognise. Sometimes, fraudsters will take smaller payments before stealing larger sums. This particular type of scam is called ‘carding’.
  • Unknown email addresses and phone numbers — If, for example, your “bank” emails you and asks you to click on a link, go through your previous correspondence to check that the email address is one they’ve used before. If you are unsure as to whether their contact details are legitimate, don’t reply to that email address. Instead, you should look up the company’s contact information and initiate an email or phone call yourself.

How to protect yourself from credit card scams

To reduce your risk of falling victim to credit card fraud, there are some measures you can take:

  • Never click on links or download email attachments if something looks off or you don’t recognise the sender.
  • Be wary of urgent calls or messages asking you to hand over your personal details.
  • Look for signs of tampering or misuse when using ATMs or credit card readers — especially those that are unattended.
  • Switch to contactless or mobile payments rather than using physical cards.
  • Check your credit card statements regularly and notify your credit card issuer if something doesn’t look right.
  • Set up alerts on your credit card accounts, so you’re notified of a purchase you didn’t make straight away.
  • Check your credit report for any credit card or loan applications you didn’t make.
  • Avoid using Wi-Fi networks with names like “Free Public Wi-Fi”.
  • Never enter your credit card details to gain access to an unsecured Wi-Fi network.
  • When using public Wi-Fi, avoid online banking and online shopping.
  • Install antivirus software on all your devices and install a VPN if you regularly use public internet.
  • If you’re contacted by a charity asking for help, research the cause before you donate any funds.
  • If you receive a call from a suspicious phone number, search the number online by putting quotation marks around it to see whether it has been identified as a scam caller.
  • Avoid answering calls from “Unknown” or “No Caller ID” numbers.
  • Set up multi-factor authentication to secure your credit accounts.

You can also protect yourself from credit card scammers by using a virtual prepaid card instead of a regular credit card. When paying online using a Getsby virtual card, your personal payment details remain protected.

These cards have an extra layer of security, thanks to Mastercard 3D Secure and tokenization, which converts your card number into a Token ID so fraudsters can’t access it. And for even more security and peace of mind, you can even use a disposable prepaid card to make a one-time purchase.

reduce credit card fraud with a virtual prepaid card


Scroll back to the top ▴

What to do if you fall victim to credit card fraud

woman holding credit card and phoneIf you are the victim of a credit card scam, it’s important not to blame yourself. These scams can be incredibly sophisticated and well-organised and often involve teams of people. And remember that you won’t have been the only person to have been taken in.

You’ll also be relieved to know that there are some ways you can take control of the situation. You can be proactive about trying to get your money back and holding these criminals to account by doing the following:

  • The first thing to do is to speak to your credit card issuer and — if they are not already aware — let them know you are a victim of fraud. Most financial institutions will have a dedicated fraud team who are specially trained to deal with these types of scams and will be able to offer you assistance.
  • Report the scam to the three major credit bureaus (Equifax, Experian and TransUnion in the UK) so that the fraudulent activity doesn’t show up on your credit report and damage your credit score.
  • Report the scam to Action Fraud, which is the UK’s national reporting centre for fraud, or the police.
  • Change all of your passwords as soon as you become aware of the fraudulent activity.


Summary: Credit card fraud — scams to watch out for

One of the most common credit card scams is Card Not Present Fraud (CNP). Scammers often use tactics like phishing, where you’re tricked into disclosing your credit card details and skimming, when scammers use a device to steal your credit card details to commit CNP. Your credit card details can also be stolen over an unsecured Wi-Fi network, and you should also watch out for online shopping and charity scams, where your information is obtained by false pretences.

These scams are often incredibly sophisticated and well-organised, with teams of people involved. This means it’s not always possible to identify a credit card scam. However, there are some red flags which could indicate there might be something untoward going on. These include alerts from credit card issuers warning you of new or increased scams, suspicious activity on your credit card account and being contacted by unknown email addresses and phone numbers.

To reduce your risk of fraud, you should never click on links or download email attachments, check your credit card statements for suspicious activity and avoid answering calls from unknown numbers. If, however, you do become a victim of fraud, you should speak to your card issuer, report the scam to the authorities and change your login details.


Order your Virtual Card today