Security Centre

We work hard to ensure our clients' accounts and online dealings are as safe and secure as possible

Frequently asked questions

• ---

  My personal data has been compromised through deceit or data loss – what should I do?

  If you have reasons to believe your details may be at risk, there are steps you can take to protect yourself from fraud. You can regularly obtain a copy of your personal credit file from one of the credit reference agencies to see which financial organisations have completed checks on your details as this would indicate they have received an application in your name. Those credit reference agencies may also be able to offer a protective registration service which will alert you whenever your details are used to apply for financial products – please note there may be a fee for this service. You should inspect your post – many organisations will send out welcome letters which should alert you if anything untoward is happening. If you believe your post is being intercepted please contact Royal Mail who will be able to offer further guidance on how to tackle the problem. If you are an existing Hargreaves Lansdown client and experience problems with your post, please let us know.

  If your personal details have been used for fraudulent purposes (for example to open an account in your name), you should make a report to Action Fraud as a victim of identity fraud. You should also contact the company who received the application directly, to inform them of the situation.

  ---

• What is a boiler room scam?

  Boiler rooms are financial operations which involve high-pressure selling tactics in order get investors to purchase shares that are either worthless or do not exist. The initial contact from a boiler room will often start with a telephone call that comes from out of the blue. These operations will obtain your contact details from a variety of sources, for example the old share registers. In recent years boiler rooms have evolved to employ different tactics whereby they offer to buy shares. In this situation they will offer to buy shares at a premium, perhaps stating this is due to an imminent takeover. They can also contact you with an offer to buy your delisted shares. Once this has been agreed they will then ask for an upfront payment in order to complete the sale, which will usually be masked as an overseas tax charge or dealing fee. Boiler rooms are almost always based outside the UK. In order to promote or sell shares in the UK, firms must be registered with the FCA. It is illegal to carry out this activity whilst unauthorised. This includes any firm that is based overseas and is operating within the UK.

  If you deal with an unauthorised firm, you will not be eligible to receive payment under the Financial Services Compensation Scheme.

  If you ever receive an unexpected high-pressure telephone call and are concerned about the legitimacy of the company you should always ask for the caller’s full name, company name, company registration details, their telephone number and where they are located. You should then conduct your own independent research to check if the details you’ve been given correspond to the information available publicly. Bear in mind however that some boiler rooms may use legitimate companies’ details as their decoy. You can verify any contact you have received by contacting the company directly, using the details you have found independently rather than the ones given to you by the caller. Where you are dealing with a call regarding investments you should also ask whether they are authorised by the FCA and request their FCA reference number. You can check for FCA regulated firms by searching the Financial Services Register. You can also contact the FCA’s Consumer Helpline on 0800 111 6768.

  How can I protect myself?

  • Reject cold calls.
  • Always do your own research.
  • Remember, if something sounds too good to be true it most likely is.

  ---

• Why am I having trouble logging in?

  If you are experiencing difficulties logging into the secure section of our website or are being asked to log in repeatedly at inappropriate times during a session we would suggest clearing your internet cache. If using a Windows PC, you can do this by holding 'control' and pressing 'F5' whilst on the relevant web page.

  Hopefully this will resolve the issue for you however if it does not it is worth trying a more extensive reset. To do this please hold 'control' and 'shift' and then while holding these press the 'delete' key. This will open a window titled 'Clear browsing data'. If there is an option to set the time range to clear, please set that to the furthest back you can and ensure that if 'Preserve favourites website data' appears then that is not ticked. You will also then need to check that any option that mentions 'Cookies' or 'Website data' are ticked and then confirm this action with the 'Delete' or 'Clear browsing data' button at the bottom of this window. If using Safari, navigate to the privacy tab, and click 'Remove All Website Data'.

  ---

• How do I change my Online Password and/or Secure Number?

  Once you’ve logged in click ‘Account settings’. ‘Password and timeout preferences’ and then ‘edit details’ for Online Password & Secure Number.

  ---

• How do I change my Trading Password?

  You can change your Trading Password by clicking on ‘Account settings’, ‘Passwords and timeout preference’ and then ‘Edit Trading Password’.

  ---

• Can I change my Username?

  You will not be able to change your unique username, however if you believe that it has been compromised, please contact our online support team on 0117 980 9953.

  ---

• Why are my login details displaying incorrectly/ entering automatically?

  This could be the result of your web browser having a setting called 'Autocomplete' or 'Autofill' enabled. This is where the web browser saves your log in details or card details for websites to either simplify or speed up a log in procedure or payment.

  For security reasons this is something that we would not usually advise having enabled and our website will try to prevent this from being used. It is possible to disable this feature within your browser's settings. For example to do this on Google Chrome, navigate to 'Settings' then 'Show advanced settings'. Under 'Passwords and forms' ensure that both boxes are unselected.

  ---

• What do I need to do if my email account has been compromised?

  If you believe your email account has been compromised you need to take immediate steps to secure it by resetting your password. You should use strong passwords with a variety of characters and avoid using dictionary words or real names associated with you.

  If you use combinations of the same passwords across various sites, then you will have to also reset those credentials. Check your spam/junk folders for traces of any password reset requests or replies to emails which have not been sent by you, as fraudsters may have tried to launch a phishing attack to your contacts.

  If you use email programs or you get your email on your phone or tablet, you will have to swap the compromised details on each device for the newly created secure password. Consider all the implications of a compromised email account – think what information a third party would be able to glean from the emails stored in your account and take action as required.

  Finally, make sure you perform detailed sweeps of your device to check for any weaknesses which could have facilitated the breach of your email account.

  Please remember that if you are set up for paperless service with various organisations you do business with, they will use your email address for vital communications, many of which are designed to alert you of any unauthorised activity. Contact those providers directly to check if any changes or actions have been performed in the time your email account was controlled by the fraudsters.

  If you are concerned about similar breach happening in the future and want protection going beyond strong, unique passwords, you could enquire with your email provider if they have any two-factor or two-step authentication solutions on offer for you to utilise.

  ---

• How do I tell when I last logged in?

  The exact time and date stamp of your last login session is displayed in the top corner of the page each time you log in. This information is a good way of ensuring you are the only person using your account.

  ---

• Can I use my account abroad?

  We do not place any restrictions on logging in to an account and placing trades while accessing it from abroad. Please bear in mind that public Wi-Fi hotspots are usually unsecured and therefore we would advise that you avoid using them when accessing your Hargreaves Lansdown account regardless of your location. We also do not recommend using public access computers to log in to your Hargreaves Lansdown account.

  ---

• How secure is public Wi-Fi?

  We generally suggest that you avoid public wireless networks to access your Hargreaves Lansdown account. Public Wi-Fi networks either do not require authentication at all or require a password which is the same for all its users, both of which create a playing field for fraudsters who can target unsuspecting individuals and glean precious information floating in an unsecured environment. Turn off Wi-Fi when you are not using it which will prevent your device from automatically connecting to networks.

  Please remember that changing your passwords regularly is one of the most effective ways to ensure the safety of your accounts. If you have accessed your Hargreaves Lansdown account in a public Wi-Fi zone, next time you are within your secure connection consider changing your password.

  ---