Common online threats

Criminals are skilled at using online methods to obtain your personal information and use it to commit fraud against you or others.

Understand the risks

It’s a common misconception that only careless people become the victims of fraud. As the sophistication of fraud increases, it’s becoming harder for potential victims to spot when they are being targeted.

Your first step is to be aware of the common online threats and how they operate.

Viruses (including trojan horses and worms) are not just designed to cause harm to a computer or to launch a denial of service attack on a computer network. They’re increasingly used for fraudulent online activity aimed at parting you from your personal data and your money.  

Viruses are contagion methods that can be used to:

  • Install spyware/adware
  • Scan machines for sensitive information
  • Install keylogging software


A virus is a programme with the specific aim of replicating itself by infecting other files. The prime objective of any virus is to multiply and spread as far as possible.

Trojan horses

A trojan horse differs from viruses and worms in the way that it spreads. It hides itself in a seemingly useful program of some kind (such as a screensaver or game) but does not attempt to duplicate or spread itself.


Different to the computer viruses that multiply within the system and spread by contact, worms are malicious programs designed to disrupt computer operation or gather sensitive information by spreading from one machine to another via a local network or the internet. Some worms can also spread as email attachments; other types of virus-worms spread by exploiting weaknesses in software and need no help from the user.

How can I protect myself?

Avoiding free software and installing good antivirus software, a firewall and spyware application will go a long way towards preventing viruses, trojan horses and worms from infecting your PC.

It’s important that you also ensure that you always keep up with your software updates, especially those of your operating system and web browser.

If you use a mobile device to access the internet, protect it by installing antivirus software.

Spyware is software that records your actions and movements on the internet. Although some spyware is aimed at obtaining confidential information (such as your credit card number or your passwords), most is used for advertising purposes.

Once spyware is installed, every site that you visit and every link that you click is spied on in order to display advertising that is targeted according to your interests. Also known as adware, this spy software uses your system resources and slows down your computer. Even worse, when it comes from adult content sites, it may display images that are unsuitable for children.

How can I protect myself?

To avoid this malicious software (malware), the golden rules are to:

  • Update all your applications so that any flaw is corrected
  • Install antivirus software
  • Install a firewall
  • Install an anti-spyware application

A keylogger records all the keystrokes made by a computer user: everything they type, including user codes and passwords for all online services. Keylogger software can be found in:

  •  Emails
  •  Booby-trapped websites
  •  A Trojan horse or virus

Once the file is executed, it starts to record keystrokes and emails the data to its author.

How can I protect myself?

To combat keyloggers, it’s best to avoid accessing your online bank account or investment information from public computers where you can’t be sure of the level of protection.

On your home computer, install:

  • Antivirus software
  • A firewall
  • An anti-spyware application

Typosquatting relies on the typing of a website address (URL) with a minor typing error. For example, instead of typing, you might accidentally type This simple mistake could see you diverted to a spoof website set up to look like the genuine website where your personal details can be obtained without your knowledge.

How can I protect myself?

To avoid being caught out by these scams, always type the right website address into the address bar and double check it before you enter your personal details.

At M&G, we use brand protection measures to monitor sites on the internet that register and use similar URLs and content as our own. We take appropriate steps to ensure the early detection and immediate takedown of malicious sites which can be used for phishing and similar scams.

Online phishing scams operate via e-mail, instant messaging (IM), or by SMS. The purpose of most is to make victims click on a link believing that it will lead them to a legitimate website of their bank, retailer, government agency, or credit card company. The link actually leads to a similar looking fake website where you are asked to divulge personal information.

This can appear to be for a genuine reason (including alleged urgent security or technical problems). Scammers usually ask for login account information, passwords and PIN numbers, etc. This information is stored and used subsequently by phishing scammers for fraudulent purposes.

There are many other similar scams such as chain mail scams, invitations to purchase cheap (counterfeit) software or goods, phony fraud alerts relating to your account or money transfer requests designed to try and trick you into giving out your personal and banking information as well as your money.

How can I protect myself?

If possible, avoid following links from an e-mail, IM, or SMS to a website in order to enter personal information, especially when the communication is unsolicited. Choose instead to type in the official website address for yourself.

Protecting yourself from unwanted spam (or junk) email by making use of spam-filtering software (incorporated into most webmail systems) will reduce the chances of receiving such emails.

Should you receive a suspicious email we would recommend that you do not respond to it and where possible notify the company concerned using their publicly listed contact details immediately. In the case of M&G please forward the suspicious email to us at

It’s also important to keep up to speed with other fraudulent scams and to find out how to check if an email is genuine.

The radio signals of wireless networks (Wi-Fi) can be intercepted by others, including those with criminal intent. This means that your personal and financial information could be at risk.

As well as eavesdropping on your network traffic and subsequently hacking into your PC, criminals can use your connection without your consent.

Criminals may also set up Wi-Fi networks that use the same name as legitimate networks, such as those found in coffee shops, tricking you into entering your personal information on what you think is a safe network but where they can view your actions.

How can I protect myself?

Modern network routers incorporate several security features but these must be set correctly to be effective:

  • Make sure your router's firewall is turned on and that you also run firewalls on all computers and devices connected to the router
  • Use a strong password for the wireless access point
  • Ensure appropriate Wi-Fi encryption is applied to the network
  • Make the network less visible by switching off SSID broadcast (broadcasting of the network name over the air at regular intervals)

Contact your Internet Service Provider for further guidance on the above.

Take extra care when using public access points and ensure that you trust the Wi-Fi network you are connecting to. Consider disabling the auto connect feature of your laptop or portable device so that you only connect to networks when you want to.