Stay safe online
We want all our customers to have an enjoyable shopping experience with us whether in store or online at wilko.com
To help, we’ve provided some useful info below to help you stay safe online.
It’s important you use a strong password to stop anyone else getting access to your online account. Here are some of our top tips for creating a password:
- Create a unique password just for your wilko account and don’t use it anywhere else. Hackers use stolen passwords to attempt to logon to other online systems. If your passwords are unique, you won’t need to change all your passwords if one of the online systems you use is breached
- Use a strong password. Your password for your wilko account will need to be at least eight characters and contain at least one number. However, it’s worth considering a longer password that contains a mix of letters (both upper and lower case), numbers and special characters too
- Instead of plain text words using a phrase (eg a line from a song) that means something to you and take the first letter from each word for the password then mix up with symbols number and upper case. Chose something that is not easy to guess by others.
- Include three random words in your password that are memorable to you but not easy to guess by others. For example: teakwaterbus
- Combine your three random words with numbers, and special characters to make the password even stronger. For example: Teakwaterbus2*
- Don’t use passwords that contain common words. Avoid using obvious phrases like ‘password’, or your name, or phone number, even if they are used with a number to meet the minimum password requirements.
The following are examples of bad password choices so don’t use any of the examples presented.
- Use a password manager to store your passwords in, or if you’re using a modern web browser you can also save your passwords in your web browser
- If you write your passwords down on paper, keep those passwords safe and away from your device so they can’t be easily found and used
Criminals use email, phone calls and text messages to try to trick people into providing information they can use to commit fraud.
Here are some of our top tips to help you avoid being the victim of fraud:
- Is the message claiming to be from someone official? For example, your bank, doctor, a solicitor, or a government department? Criminals often pretend to be important people or organisations to trick you into doing what they want. If you’re not expecting a message, don’t engage in a conversation or reply to the message
- Be suspicious of being given a limited time to respond (such as 'within 24 hours' or 'immediately'). Criminals often threaten you with fines or other negative consequences
- Avoid any engagement where the message makes you panic, fearful, hopeful or curious. Criminals often use threatening language, make false claims of support, or tease you into wanting to find out more
- If you think the message is genuine, visit the official website, log in to your account, or phone the advertised phone number. Don't use the links or contact details in the message you have been sent or given over the phone
As cyber criminals constantly change their scams, we often see a shift in their activity, and more recently we've been made aware of an increase of 'smishing' threats at wilko.
In a smishing scam, an SMS text message that looks to be from an official source will prompt you to click a link within it. That link will either download a virus or redirect you to a malicious website trying to steal your credentials or other personal data. We've seen a range of smishing scams, from pretending to be HSBC bank requesting to click a link for authorisation, to messages from Royal Mail asking to click a link to pay extra postage. .
Most mobile phones don't have the same level of protection installed like our servers, networks and emails do. So, if you receive a suspicious text message with a link, please do not click on it.Forward the text to 7726, this will allow your network provider to investigate and take any necessary action.
Reporting suspicious activity
- If you receive an email from wilko that you don’t think is genuine, please forward it to email@example.com
- If you receive a text from wilko that you don’t think is genuine, please take a screen shot of it and forward it to firstname.lastname@example.org
- If you think you’ve been the victim of a cyber security incident related to wilko.com please contact email@example.com
- If you think you’ve been a victim of fraud, please contact Action Fraud (customers living in England, Wales or Northern Ireland) or Police Scotland (customers living in Scotland). Their contact details are:
Action Fraud (customers living in England, Wales or Northern Ireland)
Telephone: 0300 123 2040
Police Scotland (customers living in Scotland)