The cost of online fraud is predicted to reach $25.5 billion by 2020. That shouldn’t be a surprise.
Today we share our financial data in many places—online shops, apps, games—and only a few of those places can provide to us decent security. Consequently, we must take responsibility for our the safety of our data.
To help you, we collected the most common situations where people often put their financial information and money at risk. For each case, we’ll discuss security best practices to avoid becoming a victim.
Case $: Hidden Payments
Some thieves—even legitimate companies—scam customers by charging nearly unnoticeable small amounts to cards.
In 2010, a group of criminals stole nearly $10 million using micro charges made to more than a million credit and debit cards.
More commonly, however, companies make millions from legal payments you’ve forgotten to cancel.
Here’s how it works. Some companies give users a free test-drive before committing to a purchase. For example, Apple Music starts with a 30-day trial option. At the end of the trial period, you receive a notification that the next payment will be charged automatically if you don’t cancel the subscription.
Unfortunately, some companies don’t send you any notification email. For example, when you sign up for Amazon Prime’s free trial, your account is set up to automatically charge your credit card for the full $99 when the trial period ends—without notice. Then it will continue to bill you annually thereafter, never letting you know. There is no scam here, but it is still unpleasant. Nobody wants to feel that someone has taken advantage of them.
How to Protect Financial Data from a Hidden Scam
- Check bank activity regularly, perhaps weekly, for transactions that aren’t yours. Keep an eye out for small transactions too. If you notice suspicious activity, notify the companies involved, and alert your bank immediately.
- Set up alerts for your trial products and services to cancel them before payment will be charged.
- Go into your account preferences and turn off the automatic billing feature to avoid being charged in the future.
Case $$: Online Shopping
We buy different things on various of websites all the time. Every day we share your financial data while shopping—and risk becoming cybercrime victims.
In fact, 11% of internet users have had important personal information stolen, including their credit card or bank account information.
So, how do you avoid falling prey to such data theft?
How to Protect Financial Data While Shopping Online
- Never shop online using public Wi-Fi. While on public networks, you should never sign in to accounts that contain financial information.
- Shop only on secure websites. Enter your credit card data only on pages where the URL starts with “https” and has a lock icon in the browser bar.
- Beware of fake shopping apps. Before downloading an app, check out the company’s website to find out if they even have an app. It’s better to follow the direct link to the app from the company’s website.
- Use a credit card for online payments, not a debit card. A credit card will give you more protection if it ends up being a scam. In the case you do notice fraudulent activity on your credit card, you have 60 days to report it and dispute the charge. For most debit cards, it’s only two days.
- Don’t provide unnecessary data. Avoid supplying retailers with your social security number or date of birth, which is absolutely not needed for purchases.
Case $$$: Your Favorite Apps
Mobile devices allow us to do everything online from anywhere, at any time. However, it’s important to remember that any app which is linked to a payment method, a credit card, checking account or PayPal, is a worthwhile target for a hacker. For example, by hijacking your Uber account, criminals can set up fake drivers and bill you for “ghost rides.”
That’s why you should pay close attention to every app on your smartphone.
How to Protect Financial Data on Apps
- Get off to a safe start. To use some apps, you must enter sensitive information, such as your card data or bank login and password with which criminals can gain access to your accounts. It’s important to download apps from trusted sources: authorized app stores or official websites of well-known companies.
- Don’t use a jailbroken or rooted device. Such devices remove the built-in security measures the device comes with, and you’re left more vulnerable as a result.
- Review the apps on your phone. Consider the amount of data and access your apps have. On iOS, you can control the privacy settings of apps and how much data they can access on your device. On Android, you can restrict the data apps have access to by turning on and off permissions.
- Install a Security App. To keep your financial and other data safe in apps, you should also manage your device security. But, choose wisely! Today hackers can easily hide malware in security and PC optimization apps too.
- Never open attachments or click on links in mobile email messages from unknown senders. It could be a phishing email, which is hackers’ the favorite way to get access to all your apps and data.
- Don’t click on pop-ups. Seriously. They are the easiest way to get infected. We recommend never clicking on pop-up advertising in an app. You can also use StopAd to block all pop-ups—everywhere.
- Be sure your phone is password-protected, and that apps don’t allow auto-login. In case your phone is stolen, you don’t want to give thieves easy access to all your data.
Case $$$$: Mobile Banking & Financial Apps
Banks are considered reasonably safe from intrusion. Case in point, Bank of America spends $400 million in security per year. But not all financial companies have such budgets.
A social-media-meets-financial site, Blippy, allowed people to share credit card purchases with other users and was found to have accidentally leaked some of its customers’ credit card information on Google. Uh, oops.
We don’t encourage you to uninstall your banking app, though you should be aware of what data bank apps are using and what they’re sharing online.
How to Protect Financial Data on Mobile Banking Apps
- Start by reading the company’s security and privacy disclosures. Pay attention to what kind of responsibility they’re willing to take if a breach occurs.
- Look at the company’s security certifications:
– a payment card company should have the PCI certification given out by a Qualified Security Assessor under the PCI Security Standards Council program;
– financial institutions might be audited and certified by the Federal Financial Institutions Examination Council (FFEIC).
- Make sure a third party has validated the company’s privacy and security programs. Look for big accounting firms like Trustwave, Coalfire or TRUSTe Privacy Seal Program (for example, popular budget app, Mint, has its certificate).
- Check the basics:
– two-factor authentication for customer logins;
– when a site doesn’t recognize the device you’re using, it should ask you a series of questions or send a code to a trusted device.
- Sign up for account-monitoring alerts, which can send you a notification for every transaction you make.
- Use different passwords for your money-related apps and sites. Non-financial sites don’t have strong security. So if your passwords are identical, hackers can easily get access to your password and then use it to get into a financial application.
- Make sure your operating system is updated—companies often release security patches in updates.
- Don’t use your financial apps on public WiFi: airports, cafes, libraries. It is easy to hack.
Privacy is a complicated story, to be sure that your financial data is completely safe you should have other your information protected too. Find valuable tips for secure passwords, data tracking avoiding, social media security and more in our Go-To Guide to Online Data Protection.