Alert: Potential Misuse of Payment Card Details

20 February 2023

It has come to our attention that a suspected cybercriminal has utilised an Installation ID provided by our third-party payment provider Worldpay to test stolen credit/debit card details to determine if they are active.

They do this by attempting to take a nominal amount (typically 1-20 pence) from the card to see if it has been successfully processed.

If you have noticed a transaction of a similar amount that says it's from SiteBuilder DIY, you should assume that your card details are compromised and vulnerable. We would recommend freezing your card immediately and contacting your bank's fraud team for further advice.

We would like to reassure you that SiteBuilder DIY is a legitimate business that has been in operation for over 20 years. Our data has not been breached and we do not have access to your card or contact details. What has happened is that an Installation ID provided by Worldpay and associated with us (but no longer used by us) has been hijacked by the suspected cybercriminal for the sole purpose of testing stolen credit/debit card details.

As soon as we were alerted of this, we notified Worldpay to ensure that it was disabled. We have also reported this to Action Fraud (the national fraud and cyber crime reporting centre) - Crime reference number: NFRC230205685765

We would recommend contacting your bank's fraud team in the first instance but if you would like to contact us for more information, please call the SiteBuilder team on 0191 261 2991 or email us at