My old man doesn’t trust anything digital. In fact, he pays all his bills by check, and where he can he pays them in person, not via mail. When he does pay by mail, he drops off at the post office, in person, not in the convenient post boxes. He doesn’t use any form of online payment, and until about 3 weeks ago, he had never wired money. He has a bank account, but he only uses it to withdraw cash, deposit physical paychecks, and even pays credit card bills at the same bank by check.
When I was growing up, I thought his paranoia was overblown, but as I got older, I gleaned that my Dad was avoiding a major headache that totaled upwards of $50+ Billion in costs that plagued about 49 million people as of 2020 alone according to a recent report by CNBC this past March.
To be honest, while it’s admirable how seriously he takes his security, and being in my field I truly appreciate the effort he has put in, he’s a bit eccentric. I doubt he would ever be at risk for Identity theft, but he spends the equivalent of about 3-4 hours just managing his bills and finances every month, and that is on the low side. When exchanging funds, he uses checks or cash, and his credit card is only used when visiting restaurants or shops if cash isn’t an option. Since the pandemic hit, he has started using his credit card entirely to avoid touching paper bills and coins, but he keeps EVERY receipt.
For most of us, this is an implausible way to live, and the convenience of services like digital banking, autopay for bills, peer to peer payment services like Venmo and Cashapp, and online services as a whole has changed how we interact, and saved hours of time that we would otherwise spend being… Well, my Dad. And while old Dad may be the safest out there, we don’t all have to be like him.
Hence this list of 6 ways to stay safe in the real world and the virtual one from getting robbed of your Identity and hard-earned cash:
1. Burn your Debit Card. Seriously, do it now.
Don’t breathe in the fumes though, that’s a tad toxic. I know that this may be the antithesis of everything personal finance experts will tell you to do with your money, and while I hate even writing this option in because I LOATHE DEBT, in the current world a Credit Card is your best bet at staying secure when paying for services.
Look, if you or someone you know has problems with spending money they don’t have, use a card with a low limit if you have to, but never use debit. Spend the bank’s money, and always pay the total balance on the card, not the statement balance if you’re worried about accruing debt.
Data breaches are not uncommon, and the best practices often fall short in the face of 1 chink in the armor, and hackers end up with thousands of card numbers at one shot. Its not usually a technology problem that causes it either, in fact more often than not its human error that leads to severe data breaches. Regardless, in the event of a breach, if a credit card number is stolen, FDIC insurance kicks in and you can file a claim that voids the purchases you didn’t make, and its no cash out of your bank account.
Now the counter to this is that many debit cards come with this protection as well, but considering the fact that many Americans live check to check, fighting to get your hard-earned money back is stressful. Plus, it still leaves you on the hook for your other expenses that can’t be postponed till the money is back in your account, so the risk isn’t worth it.
You could always use checks, but check washing didn’t just stop being a thing after Frank Abagnale Jr. went to prison, so I’d hedge my bets with digital record-keeping over being a victim of check fraud because that is again money out of your bank account.
Now, I hope to one day come back to this article and delete everything that is above when Cryptocurrency is more widely accepted as payment. For true protection against theft, an immutable blockchain that keeps bulletproof records and provides no ability to steal people’s information from transactional records with no centralized administration or middlemen is TRULY secure against fraud and Identity theft. Taking the responsibility and trust from corporations, and putting the control into the hands of the people is the future. But I digress…
2. Use a Virtual Card (Card Proxy) when Shopping Online
This is a slightly newer concept in actual use today and is a great option in that you trust one service with your credit card instead of hundreds of others. The less places your payment information lives, the better.
Services like Privacy.com provide you the ability to set up a virtual credit card. You enter your card information on their service, and they spin up a virtual card that acts as a token of the card you actually use to pay for services. The virtual card charges a purchase back to your actual card, but your real card number and details stay hidden.
I am in no way paid to endorse Privacy.com, it’s just the one I personally use, but there are other options on the market. You can set cancellation dates for cards used for subscription services, so your accounts won’t be billed past when you want them because your virtual card expires. This is especially great for all those free trials that you forget will start billing after 30 days. You can also use them for one-time purchases with vendors from who you may only need very specific items or services and will never use them again.
Regardless of what you choose, this is a great way to get your real payment information off the internet, but still reap the benefits of e-payments for bills and subscription services.
3. NEVER share your Social Security #, unless it is Mandatory
If it is mandatory, ask why. Most businesses have SSN on their forms, even medical offices, but they have no business having that information. If you remember putting it down on a form, and you are fairly certain that they have no use for it, meet them and request to see what information they have stored about you, and request it be removed. As a consumer, you have that right.
Like a Credit Card, the more places the SSN lives, the more chances your identity will be stolen. SSN’s can be used to log in to accounts with many services as proof of who you are in lieu of a password, so not only can you have new accounts opened on your behalf without your consent, but you may be at risk of having your current accounts infringed upon.
4. Invest in a Good Shredder
For less than $100, you have a plethora of options when it comes to shredders, and it’s pretty important. The fact is, bad actors dumpster dive for personal information that they can use to exploit their victims.
Any documents you don’t plan on keeping that have private information on it, like your full name, birthday, address, SSN, or any kind of payment details should be shredded before disposal.
5. Be Selective with How You Share Information
A lot of us think it’s perfectly normal to show our driver’s license to buy cigarettes, alcohol, or to enter an establishment to verify you are of age. However, for a lot of us, it’s fairly obvious that we aren’t under 21.
When you show someone your driver’s license, you are showing them not only that you are of age, but you are also sharing your address, real birthday, and your driver’s license number, all to validate something as simple as being over 21 years old.
This is a risky situation to put yourself in, especially if when you leave the house you pull out in a nice car, wear an expensive watch, or show other signs of having some wealth/ money to burn. We live below our means, and try not to get too flashy when out, because it makes you a target. When you share your information, and you’ve advertised some flash, you put yourself at risk for potential exploitation.
When at convenience stores or pharmacies, do not allow for your state ID to be scanned. There is potential that they are storing information about you that could potentially be exploited by bad actors. Remember, while you may trust the companies that take your information, they aren’t entirely invulnerable to cyber-attacks, so while they may say they don’t use this data for nefarious purposes, they can’t speak for the rest of the world.
6. Understand your Digital Risk, and Secure your accounts with Multi-Factor Authentication (MFA) Where Possible
I saved this one for last because the digital world poses many risks to the average consumer. Your computers, phones, and WiFi Networks are all attack vectors for tech-savvy bad actors, so it’s important to be wary of the websites you visit and to be aware of what protections are available to you. To effectively ward off digital threats without giving way to fits of digital paranoia, here are some steps you can take.
- Invest in a current Wireless Router with all the Fixings
- Your router should be newer, or at least still receive patches and firmware updates from the manufacturer.
- Make sure you set a strong, complex password, and at a minimum use WPA2-Personal as you configure your network. If you’re more tech-savvy than the average Joe, look into WPA-2 Enterprise (requires RADIUS Server and credential DB)
- Wireless Mac Filtering is another option that should be in use on most home routers, which keeps devices that aren’t yours off the network even if they do somehow find your password.
- Use Biometric Device locks on your Mobile Phone
-
- These are really difficult to spoof. Patterns, pins, and other lock methods can be spied and stolen, but your biometrics are very tough to bypass.
Outside of chopping off a finger, or going full Mission Impossible on a Coffee Cup or a picture of your face turned into a creepy face mold, chances are you’re fairly secure with using your fingerprint or face as security for your mobile devices.
- These are really difficult to spoof. Patterns, pins, and other lock methods can be spied and stolen, but your biometrics are very tough to bypass.
-
- Use a Strong Password on your Desktop, or Look into Hardware Device Authentication
- Strong Passwords mean using capitals, numbers, symbols, all in tandem to build a strong enough password that brute forcing won’t be able to circumvent.
- Hardware Devices provide an additional layer of security with desktops.
- They look like flash drives and act as an unlock key for your computer so you don’t necessarily need a password.
- You can also use it as a second factor that is required to open your device after you enter a password.
- MFA Everywhere You Can
- Most financial institutions force you to do this, and for good reason. Passwords can be stolen, but accessing a secondary device like a mobile phone to enter your second verification code for login is a bit harder for hackers to accomplish.
- Many companies are moving to make this mandatory in retail, and in service-oriented businesses that work online because it is currently the best way to bolster a username and password combo with a user-friendly second factor.
- If it’s optional, put the onus on yourself to enroll in it. Many businesses feel their users will abandon the use of their applications if there are too many barriers to entry to using their apps. I have personally argued on behalf of our IT security clients with business teams to make sure this is mandatory everywhere we have worked.
Even after all the above steps are taken, I can’t guarantee safety online. Companies get hacked, either through a technology exploit, or through human error and coercion. Due to the nature of how consumer information is stored in individual siloes with each business you choose to work with, your risk is equal to the risk they face.
That being said, the future is bright with technologies like Blockchain that obfuscate information siloes, and decentralize storage of that information across distributed systems to secure that information, and limit entire user bases’ exposure to potential cybersecurity threats. In due time, people and corporations will begin to move in the direction of leveraging the power of Decentralized Ledger Technology to secure data, upping our security in daily life and at work exponentially.
Want to know if you’ve been a victim of a data breach? Here are a couple of sites you can use to check: