Safeguarding Advice

The threat of fraud and scams keeps increasing, and scammers’ methods are becoming more complex. We want to help to keep you safe by sharing some of the common scams used online, over the phone and in person.

Scam calls

If you receive an unexpected call from somebody claiming to be from a company requesting your bank or personal details, do not provide them. Call the company directly (do not use ring back) to confirm that the request is legitimate.

We will never make an unsolicited call to request your bank or personal details. The only time that we would ever ask for bank details is to arrange electricity reimbursements for using your oxygen machine.

Unsolicited visits

Employees of any reputable company should be wearing ID badges. You should always ask to see this before you let them into your home.

If you are still not sure the person is genuine, you should call the company to confirm the visit. Do not take a phone number from the person on your doorstep. Look online or in literature from the company for their number. Do not use the visitors phone to make the call.

If the visit is from one of our Healthcare Technicians, they will have an ID badge and we will be happy to check for you.

Phishing

Phishing scams are a type of online fraud where criminals attempt to steal personal information, such as passwords and credit card numbers. They do this by sending emails or text messages that appear to be from a company, such as your bank or mobile phone provider. The message will often contain a link that will take you to a fake website that looks like the actual website.

When you visit a website, look for the lock icon in the address bar:

This icon indicates that the website uses HTTPS, which is usually secure.

Phishing websites don’t often use HTTPS, so you should see a warning message if you try to visit one. Don’t ignore this warning and close the page/go back immediately.

The safer way to visit a website is by going to it directly using the address you know is genuine.

Never enter your personal information on a website you are unsure about.

Be suspicious of unsolicited emails and text messages

If you receive an email or text message you weren’t expecting, be careful about clicking links or opening any attachments. Phishing scammers often use fake email addresses and phone numbers that look very similar to the real ones.

Scammers will often mask their email address, making it appear to come from a genuine source. Depending on your email provider, you should be able to click the email in the address bar at the top of the message to expand it. Doing this will show the actual address the message came from. Look at the domain (the part after the @) on the address to ensure it is genuine e.g. an email from us should say @baywater.co.uk.

Another common scam is an email from someone who has claimed to have accessed your information. These messages will usually demand payment with a link to make the payment (often in Bitcoin or another untraceable cryptocurrency). If you receive a message like this, you should block the sender and delete the message.

Hover over website links before clicking on them

When you receive a website link, hover your cursor over it for a few seconds before you click it. Doing this will show you the website URL you will be taken to. If the URL doesn’t match the company’s real website, don’t click on it.

Setting up passwords and two-factor authentication

There are several ways that we can protect our accounts and make them challenging to gain access to. You should use strong passwords and enable two-factor authentication on your online accounts where it is available.

A strong password should be at least 12 characters long and use a mix of uppercase letters, lowercase letters, numbers and symbols. Examples of symbols include exclamation marks (!) hashtags (#) and the pound symbol (£). You should not use the same password for all of your accounts.

Social media

Be careful about what information you share on social media. Phishing scammers can use this information to target you with personalised scams, making them even more believable. Do not share anything online that you are not comfortable with everyone (including scammers) knowing.

Scammers will often look at a person’s social media for personal information before attempting to access their accounts.

Never share information on your social media relating to a ‘secret question’ you have used to secure one of your accounts. For example, a standard ‘secret question’ is “What is the name of your first pet?” or “Where were you born?”. It can be easy to share this information on social media without thinking about it. However, this will give a scammer what they need to reset your password and access your account.

A common scam is a list of questions in a social media post, which people answer and then ‘share’ for their contacts to complete/share. These questions will usually be targeted to give scammers information mixed with harmless ones to throw you off guard.

Some useful links for more help

We have tried to include as much information as we can, but there are more resources available for advice. Here are some useful links to reputable organisations:

Cookie	Duration	Description
_wpfuuid	11 years	This cookie is used by the WPForms WordPress plugin. The cookie is used to allows the paid version of the plugin to connect entries by the same user and is used for some additional features like the Form Abandonment addon.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Analytics" category .
cookielawinfo-checkbox-functional	1 year	The cookie is set by the GDPR Cookie Consent plugin to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Necessary" category .
cookielawinfo-checkbox-others	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to store the user consent for cookies in the category "Others".
cookielawinfo-checkbox-performance	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to store the user consent for cookies in the category "Performance".
CookieLawInfoConsent	1 year	Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
JSESSIONID	session	The JSESSIONID cookie is used by New Relic to store a session identifier so that New Relic can monitor session counts for an application.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_VJ386FDBFV	2 years	This cookie is installed by Google Analytics.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.
vuid	2 years	Vimeo installs this cookie to collect tracking information by setting a unique ID to embed videos to the website.

Cookie	Duration	Description
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.

Safeguarding