1. Stop account access
Tell your bank or card provider if money moved or account access looks wrong. Change passwords starting with email, then banking and shopping accounts.
Work through the sequence
2. Secure devices and email
If you installed software or opened a suspicious link, run antivirus and follow NCSC guidance. Use two-step verification where available.
3. Check credit reports
Look for searches, accounts, credit applications or addresses you do not recognise. Keep screenshots and dates.
4. Consider fraud markers
Cifas Protective Registration can prompt extra checks when your details are used to apply for products. It can slow genuine applications, so read the rules first.
Keep a simple fraud diary
Record the date you noticed the problem, who you contacted, reference numbers, account names, screenshots, letters, rejected applications and any further suspicious messages. That diary helps if a bank, lender or ombudsman later asks what happened.