This guide builds on the official UK Government cybersecurity advice for families and individuals (www.ncsc.gov.uk/section/advice-guidance/you-your-family) and adds patient-specific tips for people with aspergillosis.
Feeling overwhelmed?
You’re not alone. The internet and phone landscape can feel like a minefield, especially when you’re trying to manage your health too. No one expects you to become an expert in cybersecurity overnight. The aim of this guide isn’t to scare you — it’s to help you take small, realistic steps to protect yourself.
Just like with your health, doing the basics well goes a long way. You don’t need to memorise everything — focus on:
- Using strong passwords (or a password manager)
- Being cautious with texts, links, and phone calls
- Asking for help when something doesn’t feel right
- Always accept updates on your phone, browser, or computer when offered — these often fix known security problems and help keep you protected.
It’s okay to stop and ask: “Does this sound right?” If in doubt, check with someone you trust.
Top Scam Red Flags
Watch out for these common signs that something could be a scam:
- You’re told to act urgently or keep it secret
- You’re offered money, discounts, prizes or help out of the blue
- You’re asked to click a link or open an attachment in a message
- A caller claims to be from the bank, NHS, government, or police, but something feels off
- You’re told the second part of a message will come from a different number or address
- You’re asked to confirm personal, financial or password information
- You’re asked to download software or apps to “fix” your device
- You’re pressured to stay on the phone or not call anyone else
If in doubt, hang up, delete, or double check with someone you trust.
1. Protecting Your NHS and Medical Accounts
- Use strong, unique passwords for your NHS login, GP apps (e.g. Patient Access, myGP), or hospital portals.
- Enable two-factor authentication (2FA) wherever it’s offered.
- Never share your NHS login or codes with anyone.
- Always go directly to the official app or website, not through links in emails or texts.
2. Beware of Scams
- Scams can take many forms — phone calls, emails, texts, or fake websites.
- Be especially wary of anyone offering money, discounts, prizes, or urgent deals.
- Criminals may pose as trusted organisations like your bank, utility provider, government, or even the NHS.
- As a general principle: if something seems too good to be true — such as offers of free money, major discounts, prizes, or miracle cures — it almost certainly isn’t real. Be suspicious of anything that promises unusually high benefits for little or no effort.
- If in doubt, forward suspicious messages to [email protected] (Link) or speak to someone you trust before taking action.
3. Using Online Support Groups Safely
- Facebook groups and forums can be great for connection, but don’t post:
- Your address, phone number, or full date of birth
- Photos of prescriptions or test results
- Don’t click links shared by strangers, even if they seem friendly.
- Moderators or admins should never ask for sensitive personal details.
4. Shopping and Donations
- Be cautious when buying medical supplies or donating online.
- Stick to trusted UK pharmacies and charities.
- Watch for copycat sites that look like legitimate health organisations.
5. Email, Phone & Text Safety
- Don’t click on links or open attachments in messages claiming to be from the NHS, unless you were expecting them.
- Never share passwords or bank details over email or text.
- Never give out your account numbers or passwords, especially if someone is trying to rush or pressure you.
- Scam texts can fake NHS or GOV.UK addresses — check official sites if unsure.
- Even texts or emails that appear to come from your bank can be faked. A common red flag is a message saying that a second text or email will come from a different number or sender — ask yourself why a genuine organisation would do this. Real authorities go to great lengths to be verifiable.
- If someone calls and tries to rush or scare you, hang up and call back using an official number from the NHS or your GP’s website.
- If in doubt — or even as a general principle — hang up and call a number you can verify yourself, such as:
- The number printed on the back of your bank card
- The official website of a company or authority (searched independently)
- Avoid using any contact information provided by the caller or in a suspicious message — treat it as untrustworthy until confirmed.
- To check a suspicious link in a text, don’t click — instead, search for the organisation’s website directly or ask someone you trust.
6. If You’re Shielding or Vulnerable
- You may be more targeted by scams pretending to offer:
- COVID-19 test kits, antifungal treatments, or priority delivery slots
- Access to urgent medical appointments or services
- Verify any offer with your NHS care team before taking action.
7. Keeping Your Devices Safe
- Install antivirus and keep your phone/tablet/computer updated.
- Always accept software updates — they patch security flaws that criminals may try to exploit.
- Set devices to auto-lock and use a passcode or fingerprint.
- Avoid using public Wi-Fi for medical logins or financial information.
Do You Still Need Antivirus?
- Windows PCs: Yes — always install antivirus. Microsoft Defender (built-in) is good and free. You can also consider free versions of AVG, Avast, or Bitdefender.
- Mac computers: Less targeted, but still recommended. Free options include Avira or Sophos Home.
- Android phones: A good idea, especially if you install apps outside the Play Store. Try Bitdefender or AVG.
- iPhones/iPads: Antivirus apps aren’t usually needed if you keep iOS updated and install apps only from the App Store.
Whichever device you use, updates and cautious browsing are just as important as antivirus software.
8. Best Ways to Use Strong Passwords
Cyber security can be time-consuming and even irritating — but as malicious activity becomes more sophisticated, it’s worth the effort. Consider using different levels of passwords for different kinds of accounts:
- Low-level passwords for things like newsletters or forums
- High-level, strong passwords for NHS, banking, or health-related logins
Make Passwords Long and Unique
- Use at least 12 characters, mixing letters, numbers, and symbols
- Avoid personal info like names or birthdates
Use a Password Manager
- Tools like Bitwarden, 1Password, or Apple Keychain securely store passwords
- You only need to remember one master password
Use Passphrases for Important Accounts
- Combine random words to create a memorable but strong password, like:
Correct!Horse-Battery!Staple99
Turn On Two-Factor Authentication (2FA)
- Adds a second layer of protection, such as a code from your phone
- 2FA ties your account to a specific device (like your phone), meaning a criminal would need access to that device as well as your password to break in
Use a Unique Password for Every Account
- Never reuse passwords
Avoid These Mistakes
| Mistake | Better Option |
|---|---|
| Reusing passwords | Use a password manager |
| Writing them down | Use encrypted storage |
| Adding “123” to a word | Use unrelated, random words/symbols |
When to Change Passwords
- If your account may have been hacked
- If the same password is used elsewhere
Is It Safe to Use Chrome or Other Browser Autofill?
Using Chrome, Firefox, Safari, or Edge to autofill logins can be safe with the right precautions:
- Your device should be private and locked with a passcode or fingerprint
- Your browser and operating system should be kept fully up to date
- You should avoid storing logins for sensitive accounts (e.g. banking, NHS login)
Risks to consider:
- Passwords stored in browsers can be accessed by malware or rogue extensions
- If someone gets access to your device, they may access saved logins
Safer Alternative:
- Use a dedicated password manager (like Bitwarden, 1Password, or Dashlane)
- These offer stronger security and are harder for malware or hackers to access
If you do use browser autofill, protect your device and account with:
- Two-factor authentication for your Google, Apple, or Microsoft account
- A strong device password or biometric lock
9. Finding the Happy Medium
Cybersecurity doesn’t have to take over your life — the key is to find a realistic balance between staying safe and staying sane:
- Focus on protecting your most important accounts first — especially NHS, email, banking, and anything medical
- Don’t ignore warning signs, but don’t feel you have to be perfect with every app or device
- Use automation where possible (e.g. password managers, browser autofill, device lock)
- Ask for help if you’re unsure — carers, family members, or digital support charities can assist
Think of it like seatbelts — you hope you never need them, but they’re worth the hassle when something goes wrong.
Useful Links
- UK NCSC advice for individuals & families – constantly updated and UK government verified: https://www.ncsc.gov.uk/section/advice-guidance/you-your-family
- Report phishing emails: [email protected]
Remember: Your health is private and valuable. Treat your medical and personal information like you would your bank details. Stay cautious, ask questions, and when in doubt, ask a trusted health professional or carer.
Latest News posts
News archive