Every MOT tester has a direct role to play to prevent ghost MOT fraud, and it begins with the way they manage their MOT Testing Service login. The DVSA has confirmed that external criminals have already compromised MTS accounts by obtaining tester login credentials. When that happens, fraudulent tests can be entered remotely through a genuine account, making them difficult to detect and placing the account holder at serious risk.
The most important step any tester can take is to use a strong, unique password for their MTS account, and to ensure that any email account linked to their MTS profile is equally well protected. Using the same password across multiple platforms, or choosing something that’s easy to guess, significantly increases the risk of an account being accessed without authorisation.
Testers should switch to an authentication app for their MTS security code if they haven’t already done so. This method generates a time-sensitive code on a personal device and doesn’t rely on email delivery, which can be intercepted if the email account is compromised.
Signing out of MTS at the end of every session isn’t optional. A logged-in session left unattended, whether on a shared computer or a personal device, is an open invitation. Login credentials must never be shared with another person under any circumstances. Each tester must access MTS only through their own account, and any suspicion that an account has been accessed without authorisation should be reported to the site manager and the DVSA immediately.