If you can still log in to your ShieldPay account, but you suspect that someone else may be using your account, or unauthorised activity appears to be occurring, the first thing to do is to log in and change your password, even if you have no reason to believe that someone else may have discovered your password. Fraudsters often have password-guessing programs, so the best way to be sure nobody knows your password is to change it. You can change your password much more quickly than we can, if you can still log in.
To change your password, you must first log in. Then click on “My Account”, and under “Password”, change your password. See above under “What makes a password good?” for advice on how to select a strong password. When you change a password, we secure the communication channel between you and our servers, so changing a password is generally a secure process and you need not worry that someone is eavesdropping. Select your new password carefully and avoid any resemblance to the old one.
After you have changed your password and logged in again, please confirm which activity appears to be unauthorised. There is a significant difference between “I don’t remember making that payment” and “I know I didn’t do that payment because I have never heard of Millie’s Handbags, I’m a bloke, and I don’t use a handbag.” Please do not report a payment as unauthorised unless you are sure that you did not authorise it. Intentionally and falsely reporting a payment as unauthorised can amount to fraud.
If you are sure that unauthorised activity has occurred, please report that to ShieldPay by contacting Customer Support on firstname.lastname@example.org or 0208 610 9599. However, report the unauthorised activity only after you have changed your password: changing your password regains your control over your account and is an essential first step, before sorting out the consequences of a loss of control.