Online security

Log in to your Nest account

Logging in to your online Nest account for the first time helps stop scammers from taking control of it and getting access to your pension pot. Once you’ve logged in for the first time, don’t tell anyone your password – not even us. Then log in regularly and keep your personal details up to date, for example if you move home or change your name or contact details.

Choose a strong password

Passwords that are unique and difficult to guess are usually hard to remember. Try making a password out of a series of random words, by combining numbers, letters and special characters or use a password manager.

Be suspicious

Think before you click. Emails from Nest will come from an email address ending in @nestpensions.org.uk or occasionally from @videosmart.com, a trusted partner. Any other address is likely to be fraudulent. Fake emails may use generic greetings like ‘Dear Customer’ or none at all and may threaten to close your account unless you take action. Don’t open or click on anything you find unusual, just forward these emails to phishing@nestpensions.org.uk and then delete them.

Check your pension pot

If you're a victim of fraud, the faster you notice the better. We recommend you regularly log in to your online account and check your pension pot balance, your contributions over the last 12 months and any withdrawals from your pot. Whether you joined Nest yourself or through your employer, get in touch if you have any questions which need answering.

Protect your data

Check if your data has been stolen

The website Have I Been Pwned? allows you to check whether your personal online data has been put at risk due to data breaches. It’s a useful tool for anyone who wants to protect their security and privacy, including an alert that tells you if your information has been compromised.

Be careful who you share your personal details with, whether entering them online or discussing them in person. Take care with physical documents too – make sure you shred important letters before you throw them away and remember to redirect your mail when you move. Learn more about data privacy on the Information Commissioner’s Office (ICO) website.

Stay safe online

Make sure your WiFi network is secure and use up-to-date anti-virus and anti-spyware software. Log off after using your online account. Look for the padlock symbol in the address bar on the browser, which shows that you have a secure connection with a verified website. You can find more information about protecting yourself online on the National Cyber Security Centre (NCSC) website.

Use Nest’s bank details

If you're an employer, remember that Nest won't unexpectedly change bank details or ask you to send contributions to a different account. We certainly won’t ask you to make payments over the phone or via a link in an email, and will always direct you to log in to your online account.

How do I report fraud?

Think you’ve been a victim? If your Nest account has been subject to fraud or you’ve accidentally given away your details, tell us straight away and then report it to Action Fraud.

If you receive suspicious emails, please forward them to phishing@nestpensions.org.uk and then delete them. Run your anti-virus software if you’ve clicked on any links or opened attachments.

How will scammers target me?

Hacking

Hacking is carried out by fraudsters, usually using software that you're tricked into installing onto a phone, computer or any internet-connected device. Software that’s used to steal your data is normally triggered when you click on a link or open a file attachment sent by the fraudster.

Data theft

Information is stolen physically or digitally. Letters and documents could be taken from your mail or your home, or an organisation that you’re a customer of could suffer a data breach. Scammers might use this information to steal your identify and then apply for bank accounts and credit cards or documents in your name, like passports.

Impersonation scams

Scammers might call or text you and pretend to be from an organisation you trust, like your bank or HMRC. They’ll often claim you need to act urgently to pay a fake bill or to keep your money safe. The scammers will try to convince you to transfer money to them, or to tell them your personal financial details.

Cyber stalking

This is a type of harassment carried out by a stalker through online channels, like social media, forums and email. What might start as a few seemingly harmless messages can turn into systematic and frightening abuse. It can also include attempts to blackmail you, monitor your activity and steal your identity.

Phishing

You could be tricked into revealing data via a fake email or website that looks like Nest but has a slightly different address. Often, you’re asked to reveal personal information, open attachments, click a link or call a number that isn’t our main helpline. Our short videos have tips you can follow to protect yourself, whether you're a member or a business looking to protect your staff's pensions.