I recently got a phone call from someone posing as the electric company alerting me that I had a delinquent bill and they were about to shut off my electricity. All I had to do was to provide payment on the phone to keep the lights on.
Didn't I pay it? Did I forget? My anxiety level heightened and I could feel my heart racing... but then my alert radar took over.
...I almost fell for it.
I hung up the phone and logged into my account to see that I had paid my bill and was not delinquent, confirming my suspicions that it was a scam caller. Man, they are good!
If you think you aren't a target, you are underestimating the sophistication and believability of today's scammers.
So what can you do?
Below are 5 tips for protecting your identity and decreasing your hackability.
1. Use a password manager and unique passwords for all your logins
If you have a paper with ALL your passwords written on it, or you use the same password over and over, I am talking to you! This doesn't cut it and makes your private accounts very hackable.
I prefer LastPass to manage all my passwords. It is a password manager that allows me to create buckets that are private or shareable and can have unique, secure passwords for every login.
I even have a family-sharing bucket. My teenagers no longer come to ask me what our Hulu, Netflix, or Disney+ passwords are. These passwords are all shared in a family bucket via Last Pass.
Implementing a password manager does take some time and patience, as you have to enter all your passwords into your LastPass account and change them individually. This is no small undertaking.
But once you have done the work upfront, it is smooth sailing from then on. You can install the app on your phone and an extension in your Chrome browser that makes logging in securely as easy as scanning your face or clicking a button.
2. Question everything, from email addresses to caller Id
So this may make me sound paranoid, but I get these daily... someone pretending to be Amazon, but their email address isn't quite Amazon's. Someone pretending to be the IRS, and NOPE, the IRS won't call you. Someone texting me that my USPS package is lost, but the contact info looks like the USPS but it isn't really USPS.
Before you click or give out your info, look closely. And if in doubt, close out the call, text or email and go directly to your account with that company and look there to confirm. Don't click on the link!
3. All wifi is not secure
You are waiting for your flight to board and decide to look at your bank account at the airport. Stttooooppppp!
All wifi is not secure.
Think twice if you are on public wifi and what you are accessing. It can be intercepted and public places like airports with every traveler sitting around on their phones are simply easy pickings.
4. Review your bank and credit card accounts regularly
In the business world, one of the most common mistakes I see business owners with do-it-yourself bookkeeping is that they don't reconcile their bank and credit card accounts.
Reconciliation is where you find errors.
This is not a common practice with personal accounts, but you can still review your transactions for errors!
Last month, I was trying to watch a play-off high school game and accidentally input my credit card online on my phone on a popup window instead of the website.
I knew it.... as soon as I did it! Ugh, I just gave hackers my card.
Sure enough, I had 2 separate $1.00 transactions on my credit card within the next 3 days from 2 different companies. I alerted Capital One via the app that they were fraudulent. Even as good as Capital One is, they didn't take action until 2 weeks later I noticed a $99 charge for that same company.
Capital One reached out, canceled my card and I had to update all my accounts with my new account number.
Had I not been looking at my transactions, I would have easily missed this... and the onslaught of future fraudulent charges.
A few years ago, my card was also stolen when I tried to take money out of an ATM in Italy. I had over $3k in charges across Italy within days! The scammers in this case likely had a physical swipe reader or a remote device that recorded card numbers when users tried to scan the card in the ATM.
Shall I continue with more stories? If you don't have a similar story and this hasn't happened to you, consider yourself lucky.
How can you mitigate your hackability? Make it a habit to review.
When you are home, instead of scrolling on Facebook or Instagram, spend a few minutes looking at your bank and credit card transactions as a gut check. Catch fraud before it gets out of hand. Just don't do it at the airport on airport wifi.
5. Double-factor annoying
Every time I have to enter a texted code to login to a website, my level of annoyance doubles. I probably have at least 20 texts a day on my phone that are secure codes for logins. So annoying!
But this feature is a must on anything you don't want to be compromised and has become a standard for most websites with private information.
From your bank account to your Facebook/Instagram account, enable double-factor authorization!
How many times do you get messages from friends telling you not to accept a friend request from them and they have been hacked? Guaranteed, they didn't have double-factor authentication setup.
BONUS TIP: What to do if your Social Security Number has been compromised
Unfortunately, a tactic for stolen social security numbers is filing fraudulent tax returns. I have seen this happen first-hand to individuals and their kids!
The IRS has put in a safeguard to help protect against this.
If you feel your social has been compromised, you can request an IP PIN (Identity Protection PIN ) on the IRS website. The IRS will mail you a new PIN each year and you will need to enter that as part of your tax return filing.
...all the best efforts can still be hackable
Taking a few actions mentioned above can decrease your hackability, but at the end of the day, the sophistication of some hackers will still get access to the best-safeguarded accounts.
Keep on alert and implement some quick safeguards today.
