Stay safe online

Protecting your security

It's important to us that your security and privacy are protected when you shop online with Tesco. Use our helpful advice and tips to protect yourself and your devices, for all your online activities.

If you have any questions or concerns about your online security with Tesco or the status of your Tesco accounts including Clubcard, please contact us on 0800 023 4761.

How you can protect yourself

Useful hints and tips on how to protect yourself:


A typical phishing scam involves a fraudster sending an email to a customer claiming to be from their bank or other service provider. It may ask them to reset their security details by clicking on a link. The phishing site will ask for all of the customer's security credentials and maybe other details such as bank card number or Clubcard number. Please remember we will never ask for your bank or security details.

Malware, hidden within the links in phishing emails, is becoming more and more common. It's really important that you don't click on any links if you suspect it to be a phishing email. Your help is vital in combating this process so if you think that you've received a phishing email please forward it to us.

There is also the possibility that fraudsters could try to phish information via the telephone or through SMS messaging. When receiving phone calls or SMS text messages claiming to be from your bank please be vigilant. If you feel uneasy about what you are being asked please hang up and contact us on 0800 023 4761.

back to top button

Unsecured personal details

Never give personal or account details to anyone who contacts you unexpectedly. Be suspicious even if they claim to be from your bank or the police. If you are unsure then ask what company and department they are from, and then call the company directly.

Keep your security details safe and never record or store them in a manner which leaves them open to theft, such as in your purse or wallet.

The rise in popularity of social networking sites has also given fraudsters a great way to steal personal details from people who have minimal security settings or publish personal details on their homepage or message boards.

Fraudsters use stolen profiles to post messages to friends of the victim with links to malicious software. Always be careful when clicking on links even if you do know the person who posted it. One of the easiest ways to steal someone's personal or financial information is through having access to their post or waste. This can lead to identity theft such as account takeover or application fraud.

Theft of mail can occur either within the postal system or from your letter box. Communal letter boxes at the main doors of flats are common targets for fraudsters. They are often relatively easy to gain access to because the locks are not always secure.

Fraudsters can also request Royal Mail redirections in your name to divert mail to a new address. A fraudster may also have access to your mail at a previous address.

Ensure that you shred any documentation that includes personal information such as name, address, date of birth, passwords, PINs and financial information.

Always make sure you inform companies whenever you move house, and apply for a mail redirection with Royal Mail to give you time to update your address details. If you think that any of your mail has been lost or stolen, contact the company that it relates to.

back to top button

Keeping your personal information and documents safe

Keep valuable documents such as passports and drivers licences in a safe and secure place. Your collection bins outside of your home are ideal places for criminals to steal information. Ensure that you shred any documentation that includes personal information such as name, address, date of birth, passwords, PINs and financial information.

If you use the internet to buy goods and services, your information can be stored on numerous websites.

Do not presume a Wi-Fi hotspot is secure. Wi-Fi hotspots are convenient but can leave you vulnerable to intrusion. Most Wi-Fi hotspots do not encrypt the information you send over the internet and are not secure.

You can protect your information whilst using the internet by following these tips:

  • Do not stay permanently signed into accounts. When you've finished using an account, log out.
  • All it takes is for one password to be stolen and many of your personal details could be compromised. Ensure that you passwords and PINs are safe.
  • Do not use the same password on different websites. It could give someone who gains access to one of your accounts access to many of your accounts.
  • Many web browser's alert users who try to visit fraudulent websites or download malicious programs. Pay attention to these warnings, and keep your browser and security software up-to-date.
  • Installing browser add-ons or plug-ins can help, too. For example, Force-TLS and HTTPS-Everywhere are free Firefox add-ons that force the browser to use encryption on popular websites that usually aren't encrypted'.

back to top button

Keep your security details safe

Never give personal or account details to anyone who contacts you unexpectedly. Be suspicious even if they claim to be from your bank or the Police. If they claim to be the bank and you are unsure then ask what department they are, hang up and call the number on your statement or card. Never email financial information. Email is not a secure method of transmitting financial information like your credit card details.

When you login to Online Banking, we'll never ask you to enter all six digits of your security number. Never use your banking security details for any other website or mobile app.

Keep security details in a safe place. Don't write the PIN or other security information on the card or anything usually kept with it. If you do write down the PIN or other security information do this in a way which attempts to disguise it.

back to top button

Shop safely online

It pays to be careful about where you buy from online, especially if you have never bought anything from that company or person before.

If you're unsure then:

  • Search the internet for evidence of problems with other customers.
  • Check the privacy policy on the website. It should let you know what personal information the website operators are collecting, why and how they're going to use the information.
  • Look for https at the beginning of the URL. This indicates that the site is secure; the "s" actually stands for 'secure'.

We would also recommend further information on how to Shop online safely and Use online auctions safely at Get Safe Online.

back to top button

Create secure passwords

Creating a secure password is one of the simplest ways of keeping your details and accounts secure online. You can increase the security of your passwords by:

  • Using passwords that are at least 8 characters long
  • Using a combination of lower case and capital letters
  • Using special characters such as @$*&!?
  • Not using words that can be found in the dictionary
  • Not using words that are associated with you such as your partner's name or common
  • Sequences of numbers, for example 123 or your birthday

It's best to use unique passwords for each of your online accounts. This means that if one of your accounts is hacked, the others are not vulnerable.

Remembering lots of passwords is difficult; so it may help to use a system for creating strong passwords.

Firstly create a strong 'core' password:

  • Start with a word that you will remember such as your birth place, for example "London"
  • Spell in backwards to make it "nodnoL"
  • Then substitute numbers for certain letters: "no3n0L"
  • Add capitals to make it "NO3n0L"
  • Then add special characters so it becomes "?NO3@n0L"

If you start with this as your core password you can then add the first 3 letters of the website name you are using within the password, making it unique to that account. For example if you were using the password would become "tes?NO3@n0L".

Although creating a strong and unique password significantly improves your security online, you need to regularly change your passwords and make sure you never write them down to ensure your accounts cannot be easily hacked.

If you are at all suspicious about someone having access to your account you should immediately change your password.

back to top button

Protecting your Clubcard value

We recognise that the value you get from your Clubcard vouchers is the same as cash, and therefore at risk from the same threats as your financial accounts and bank cards. This is why we've introduced our guarantee to ensure you never lose out financially from fraudulent activity on your Clubcard account. In the same way that your bank protects your credit card transactions, we will reimburse your account if fraudulent activity is confirmed.

It's really important to treat your Clubcard, card number, passwords and paper statements with the same high level of security you apply to the banking equivalents. This site will give you some ideas to help you protect your Clubcard value. We also recommend for more helpful advice and tips.

back to top button

How you can protect your devices

Simple steps to protect your devices

Windows system updates

One of the things that malware attempts to do is take advantage of weaknesses and gaps in Windows security system. Windows works to ensure that it has patches to block up any weaknesses and gaps but it is the responsibility of the computer owner to ensure that these patches are downloaded.

Benefits of updating Windows:

  • Protects your computer against malware.
  • Helps to protect against some cyber-criminal attacks.
  • Improves performance.
  • Fixes bugs.
  • Adds features.

How to update:

If you haven't already done so, we would always recommend switching on the Windows Automatic Updates.

You can find out how to switch this on here

You can also manually update Windows here.

Help and further information:

Get more information on Windows Updates at Get Safe Online.

back to top button

Use a firewall

A firewall is a protective barrier designed to block unauthorised access while permitting authorised communications.

You may have previously seen a firewall in use when trying to download some software from the internet. You will be warned when the computer is trying to download something and asked for authorisation to carry out the download. This is Windows built-in firewall that is provided in XP, Vista and Windows 7.

How to check if your firewall is turned on: Installing or checking the settings of your Windows firewall can be done by going to the Security Centre in the Control Panel.

Help and further information:

We also recommend further information on firewalls at Get Safe Online.

back to top button

Install anti-virus software

Anti-virus software is an essential tool to keep your computer safe and secure. Without it you are leaving yourself open to growing varieties of viruses and Trojans (malware) that are on the internet. Up to date anti-virus software is able to block malware from infecting your computer as well as detect and remove malware that is already present.

Help and further information:

Get more information about anti-virus software at Get Safe Online.

back to top button

Use your browser's help feature

Many internet browser's have security features which help to protect you when you're online. Check the security and privacy section of the website for your browser for more information, or use the Help section within the browser itself.

To benefit from the best security make sure you always use the most up-to-date version and install any available updates.

back to top button

Protect your mobile apps from malware and security breaches

Look for signs of Malware on your phone. If your phone sends email or text messages that you didn't write, or installs apps that you didn't download, you could be looking at signs of malware.

Update your apps; updates often have security patches that protect your information and your device from the latest malware.

If you think you have malware on your device do the following:

  • Contact customer support for the company that made your device.
  • Contact your mobile phone carrier for help.
  • Install a security app to scan and remove apps if it detects malware.

back to top button

How we protect you

The security of your account is a priority for Tesco.

We feel that the best way to keep you secure without impacting your ability to use your account is by using a multi-layered approach that uses tools and techniques that targets individual fraud issues. We would like to tell you about some of the things we have in place to protect you and your money.

Email alerts

We may sometimes email you to tell you about the following:

Features about your account that are either new, you have yet to use, or have changed Notifications that you have changed some of your personal or security details with us. This is a particularly important fraud prevention measure. If you are notified of a change you didn't make, call us on 0800 023 4761.

back to top button

Enhanced Online Security

We use the latest technology to manage your online experience. Not only does this reduce the risk of fraud, preventing fraudsters from using stolen security details to access your account online, but it also makes online access easier.

Registering for Online Clubcard.

You can register your Clubcard Online. This means we can be confident it's you who is using your account.


All our servicing and application processes are protected through a secure connection. You can tell whether you are using a secure connection as your browser will show either icons in the address bar or padlock symbols on the bottom bar of the browser window.

back to top button

Anti-phishing strategy

Although we have a range of anti-fraud systems and tools to help prevent and detect fraud that stems from phishing emails we also work to close down phishing websites as soon as we detect or are notified of them.

This not only reduces the risk of phishing but also protects unsuspecting recipients of phishing emails from being targeted by any malware that is attached to links in the phishing message. Your help is vital in this process so if you think that you've received a phishing email please forward it to us at

back to top button

Account Monitoring

We use a variety of sophisticated tools that monitor account behaviour for signs of fraud. These tools significantly reduce the risk of fraud occurring on your account.

If we do spot some suspicious activity on your account we may contact you by phone, SMS text message (Credit Card only), or letter in order to confirm the transaction or changes to your account. If you are unsure about the authenticity of the communication, then please call us on 0800 023 4761.

back to top button