Wednesday, April 19, 2017

How to Protect Your Credit Card Online

In this day and age, the only way to be sure that your credit card is safe is to, not have one.  Of course, the practical consequence of not having a credit card means no online shopping, no convenient on the go purchases and no easy digital management of various expenses.

Even mobile payments are tied to credit cards with precious few options to avoid the ubiquitous payment method.

Since not having a credit card is not practical (for me at least), let’s look at some tips to add security in an unsure cyber world.

Do Use Secure Sites with HTTPS 

It goes without saying that you should only share your credit card information with trusted sites, but how do you know you can trust the site.  Well, one thing to look out for is a little lock icon in your browser representing the HTTPS; the ’s’ stands for secure (the HTTP means Hypertext Transfer Protocol if your interested).  Traffic on sites designated with the HTTPS is encrypted.

Reputable shopping sites like Amazon and even smaller shopping sites can make use of encryption to add another layer of protection to your personal financial information.  If, it ain’t got the ’s’, don’t drop the $.  Simple.

Do Monitor Statements 

Online shopping is so convenient.  So too, is checking your statement online.  And the two should never be separated.  Continuous monitoring of your transactions with a view to quickly identify and immediately report suspicious charges is a requirement of responsible online shopping practices.

If you consider even that too much, automate the process.  Have your credit card company text you after ever transaction and report any fraudulent transactions faster than a Lamborghini can do zero to 60 mph.

Do Use Unique Passwords

Sure.  It can be a pain to use a different password for every site.  But, it is necessary.  Even reputable businesses can be compromised putting your other accounts in danger.  Unique passwords can help stop hackers in their tracks and keep their nefarious actions at bay.

Develop a system to help you remember the passwords or use a password manager like 1Password or LastPass.  If you’re a Mac, consider the free, built-in, seamless iCloud KeyChain.

Regardless of which system you use, do immediately, if not already done, upgrade to two-factor authentication (2FA) on every account that offers the option.  2FA also adds an extra layer of security; in many cases when logging in, users have to enter a code issued via a text, an app or dedicated device, in addition to the correct password.


Do Secure Your Network

That “free” hotspot is tempting.  But nothing in life is truly free.  Many ask you to register your email address and then hit you with spam.  Some are not secure, deliberately or accidentally.  Tempting as it may be, use secure mobile data, a Wi-Fi analyzer to assess the network or a VPN (Virtual Private Network) to “scramble” your internet signals.

If you must jump on to a hotspot unprotected, avoid open networks (no password requirement), check with the proprietor to ensure the SSID is not being spoofed, light up a firewall, and limit your online traffic to the essentials.

Make sure your system OS (Operating System), software, apps, anti-virus and anti-malware are all up to date.

Do Consider Alternatives

PayPal and similar services put ‘distance’ between your credit card and the merchant.  Many credit card companies offer excellent alternatives like ‘disposable’ card numbers and secondary PIN verification for transactions.

Don’t Email/IM Credit Card Info

This advice has been repeated over and over and over again.  Yet we keep doing it.  Never, never send your credit card number, expiration date and/or CIS, your PIN or your password via an email message or instant message (IM).

Even if you think your email account is impenetrable (and it is not), the recipient's account could be compromised leaving you exposed.  It is just not worth it.

Don’t Auto Complete Card Numbers

Browsers, under the guise of being helpful, offer to auto-complete forms.  It’s a great idea for when you type your name, not so much when typing your credit card information.  Consider turning off this feature for all sensitive financial data and key in the numbers yourself.

In that same vein, don’t store your card information on the site.  Many sites encourage you to create accounts (with your card information) to make future transactions easier.  Don’t trade ease for security and opt, where possible, not to permanently hand over your account digits.

Don’t Respond to Suspect Email

This one is hard.  Phishing emails are becoming more sophisticated and more difficult to spot.  The email may appear to come from your bank, or your boss or your spouse and ask you to verify your information by clicking on a link.  There are countless other scenarios that appear legitimate but are not.  Don't assume the sender is who they say they are just because they have some information.

The bottom line, be VERY careful.  Pick up the phone and call your financial institution, go directly to the official website and avoid clicking on the link, update your virus protection systems, never auto download attachments and be very suspicious of almost everything.  Paranoid much?  Perhaps.  Protected? Definitely.

Don’t Withdraw Cash Unnecessarily

Aside from being hit with high fees for each withdrawal, you have to watch out for skimmers on ATMs, so the fewer trips to the ATM, the better.

Try to withdraw a little more cash than you immediately need, use your smartphone to make a video recording of the transaction, photograph and keep your receipt, only use well-lit ATM in high traffic/well-populated areas and inspect that machine before and after use.  This, along with vigilant monitoring of your online statements, should help reduce the incidences of fraud.

Sources:
Daily Telegraph
Bank of America

Tech4Life airs on @RJR94FM every Tuesday morning at 8:15 am