T-Mobile makes online security a priority because we want you to feel completely confident about using our website. The following explains how we use and protect the information you might give us.
We store all your account details and other such information on secure servers, adhering strictly to all relevant UK legislation. We protect any passwords from interception and credit card numbers and other important data are encoded (using 128-bit SSL encryption software) so that when transmitted they can't be viewed fraudulently.
Contacting us by email or phone
We recommend you set up a Customer Services password to protect your account details. If you don't already have one it's simple to set one up next time you call - common examples include your mother's maiden name or your favourite pet's name. We are also introducing a PIN as part of our automated telephone system. Once you have a PIN this is all you will need when you call us - though you'll still need your Customer Services password if you email. You must set up a Customer Services Password or PIN if you want anyone other than yourself to access your account.
Reviewing your account online
You will need to set up a separate My T-Mobile username and password to access your account details online. This password should be at least eight characters long (maximum 15), and include at least one number (but no spaces). See more
Spoof websites and email security alerts
Fraudsters create authentic looking, but false or "spoof" websites. Their purpose is to tempt users to enter personal information. This information will be re-used to try and access your bank accounts. Fraudsters are increasingly turning to email to generate traffic to these websites.
Recently customers of several financial institutions have received such emails and this activity is only likely to increase. Such emails typically contain a link to a spoof website and advise account holders to enter User names and passwords so that security details can be updated, or passwords changed.
If you get any email containing an embedded link and a request for you to enter any personal details, treat it as suspicious and do not input any personal information, even if the page appears legitimate. No reputable company ever sends emails of this type.
If you believe you may have fallen victim to identity fraud or impersonation, CIFAS (the UK's Fraud Prevention Service) advises you take the following steps:
- Obtain a copy of your credit file from the credit reference agencies (see the CIFAS Website at www.identityfraud.org.uk Advice for Victims for further details).
- Contact everyone involved immediately and keep a record of all of your actions (who you spoke to and when, copies of letters sent and received etc).
- Immediately report the incident to the police, especially if it involves stolen identification documents. Insist on receiving a Crime Reference Number or some documentation to record the incident.
- If a passport or driving licence is stolen or lost it should be reported to the authorities as soon as the loss is known. Also report any suspicious circumstances.
- Immediately report all stolen cheques or cards to the issuers, and request new ones. Follow up telephone calls with written notification. Get new cards, account numbers and PINs if you use credit or other plastic cards to access banking services. Don't continue to use a compromised PIN.
- Notify Royal Mail immediately if you suspect mail theft or suspect a mail redirection has been fraudulently set-up on your address - they have an investigations unit who will be able to help.
- Destroy all cheques and cards immediately after you close a bank account. Ask your bank not to send new chequebooks and credit cards to your home address. Tell your bank that you prefer to pick them up.
If you believe you may have fallen victim (ie you have received a bill for an account or additional number which fraudulently uses your details), you should contact us as soon as possible.