There is no denying the fact that it is convenient to shop online. We’ve known that for years and collectively, we’ve had to lean heavily on that convenience during the COVID-19 pandemic and subsequent stay-at-home orders.
At Addition Financial, we always want our members’ personal information to be safe. We recognize that it can be difficult to protect your personal information when you do your shopping or conduct business online.
We’ve compiled this list of nine safeguards that you can use to shield your personal information and protect yourself from fraud and identity theft.
#1: Never Use the Same Password Twice
Our first tip has to do with a mistake that many people make when they are online: using identical passwords for more than one website. While you might think it’s convenient not to have to remember multiple passwords, it leaves you vulnerable to identity theft and fraud. If a hacker gets your password for your Amazon account, they shouldn’t also be able to log into your bank or credit card account.
We understand that it can be difficult to keep track of multiple passwords. For that reason, we recommend using a password manager like LastPass to keep track of your passwords.
#2: Use Strong Passwords
In keeping with our first tip, a related protection involves using only strong passwords for your online accounts. A strong password should be something that a hacker or acquaintance couldn’t easily guess. Nishank Khanna of Clarify Capital told us:
“Don’t name your password after your dog. Strong passwords have a combination of upper and lower-case letters, numbers and symbols. They’re longer and have no semantic meaning alone. In other words, they’re not a simple word.”
Using a password manager makes it easy to generate random passwords to use online. The password manager will generate the password, fill it in the required fields and save it for you. You can use LastPass, which we mentioned above, on both your computer and smartphone to protect your passwords and make it easy for you to log in securely wherever you are.
#3: Don’t Click on Unverified Links
This tip comes to us from Mason Miranda, a Credit Industry Specialist with Credit Card Insider. He told us:
“Fraudsters may create fake websites that look almost identical to that of [a] legitimate business or entity. Ensure you are on the actual retail site, not a fraudulent one, by Googling it, double checking the URL and NOT following links through social media.”
This type of fraud is known as phishing. It can be done via email or on social media, usually by sending a “spoofed” link that leads to a site that looks identical to a legitimate website. There are a few things you can do to protect yourself:
- Don’t open any email that looks suspicious. If you open an email that asks you to click on a link to change your password (and you didn’t ask to change your password) do NOT click on the link. Instead, navigate to the website by typing in the URL.
- If you’re not sure whether a link is legitimate, hover over it with your mouse and look at the bottom of your screen if you’re on a computer. You should see the URL of the site the link connects to. If it does not look legitimate, don’t click on it. For example, the URL of Netflix is www.netflix.com. If there are any extra characters or words, do not click it.
- Never reply to any email that asks for your password, PIN or any identifying information.
- If you receive a phishing email or message, report it to your email provider or to the social media site where it was sent.
Reporting phishing emails will protect you from receiving emails from the same source in the future and will also prevent the person who sent it from hurting others.
#4: Protect Your Phone
If you lose your phone, would the person who found it be able to access your information easily? If the answer is yes, then it’s time to add another layer of protection to your mobile device.
All smartphones allow users to do the following things:
- Create a PIN to unlock the phone
- Scan a fingerprint to unlock the phone
With some phones, you also have the option of using facial recognition. While setting a PIN is a good idea, we strongly recommend the fingerprint or facial recognition options as well. Since all fingerprints are unique, scanning your fingerprint is one of the best ways to prevent any unauthorized person from accessing your phone and the personal information stored there.
#5: Use Two-Factor Authentication
Even if you use strong passwords and a password manager, it’s still a good idea to add an extra layer of protection where you can. One way to do that is by enabling two-factor authentication on your accounts.
Two-factor authentication, or 2FA, is a process that allows you to request a code when someone accesses your account. Some sites will offer the chance to get an authorization code every time you log in; with others, you may be able to enable the authentication if someone accesses your account from a new device.
The most common authentication method is to send a one-time code to your cell phone or email. You’ll be required to enter the code before you can access your account. The benefit is clear: a would-be thief who had your password but not your phone or email would be unable to enter the code and thus, would be unable to access your personal information.
#6: Update Your Operating System and Devices
Our next tip comes from Robert Siciliano, CSP, the CEO of Safr.me. He gave us a piece of advice that could be easily overlooked.
“Keep your device’s operating system and software updated.”
If you’re one of those people who gets a notification that there’s an update available for your phone or computer and puts it off, you might want to think twice about the delay. When operating systems are updated, it’s usually because the programmers have identified potential security holes and the update is designed to patch them.
#7: Use Virus and Malware Protection on all Devices
The second tip Robert Siciliano provided is related to software updates. He mentioned that you should always make sure to use a complete suite of virus and malware protection on all your devices, including computers, smartphones, tablets and smart watches.
Ideally, you want protection that will shield you from computer viruses, malware, Trojans, worms and adware. All of these things have the potential to compromise your safety and leave you exposed to fraud or identity theft.
The same rule about updates applies here. Good virus protection should be regularly updated and you should never delay downloading the updates. Hackers and thieves are constantly coming up with new ways to steal your information.
We’d be remiss if we didn’t also note that your virus protection should be enabled at all times. You should never go online without protection.
#8: Use a Mobile Wallet
If you go to a website or mobile app and enter your credit card information, your number may be stored and vulnerable to hackers. The same is not true if you use a mobile wallet to make payments.
Mobile wallets are ideal for online shopping because they use something called tokenism, which assigns a unique numerical token to each transaction. Because the company you’re paying never receives your credit card number, they can’t store it. And, if their database is hacked or compromised, the hackers will get only the token, which is useless.
Some of the most popular mobile wallets are Apple Pay, Google Pay and Samsung Pay. Some credit unions and banks offer proprietary mobile wallets as well. It’s worth noting that in addition to online shopping, mobile wallets can also be used for contactless payments at many retailers.
#9: Don’t Let Anybody Else Use Your Credit Card
Finally, you can protect yourself online by being careful about letting anybody else use your credit or debit card. Even if you have every possible protection in place, being careless with your card could leave you vulnerable to fraud or identity theft.
We understand that it might sometimes be tempting to let a friend or family member use your card. However, the potential risks are high and there are other ways to loan someone money or help them out that won’t put your credit card or personal information at risk.
Using your credit card or giving out personal information online can be a risky endeavor if you don’t take the appropriate precautions. Considering that credit card fraud or identity theft can be costly and time-consuming to combat, we strongly recommend that you follow the nine safety tips here to protect your personal information online.
Do you need advice on how to protect your money when you shop online? Click here to learn about the benefits of Addition Financial membership today.