8 Tips For Keeping Yourself and Your Money Secure
Protecting your finances can feel like a full time job. Beyond some basic password advice, keeping an eye out for phishing and identity theft attempts, and spotting financial scams early, here are some tips to keep in mind.
1. Pay for gas with a credit card, not a debit card.
Card skimmers are fraudulent card readers attached on top of legitimate readers. They can steal your card details without your realizing it until much later. Since gas pumps are one of the most common locations for these card skimming devices, you should be extra careful when buying gas at the pump. Using a debit card is riskier than a credit card since money is withdrawn from your account the minute a debit card transaction is approved. Credit cards don’t directly withdraw funds and provide much more protection for you so they’re generally considered “safer” to use in higher risk situations.
2. Don’t plug random USB sticks into your computer.
USB drives can contain malware (viruses, key-loggers, etc.) that automatically install themselves when the drive is inserted. If you found a flash drive in a restaurant or on the ground outside your work, don’t just plug it into your computer to see what’s on it.
3. Look out for ATM/card machine skimmers.
We mentioned skimmers above, but it’s worth reiterating. ATM’s, gas pump card readers, and other locations where card readers are often unattended or out of sight are at greater risk of being compromised by card skimmers. Before you insert your card look twice – does the slot for your card match the rest of the ATM? Is it loose? If anything looks strange, walk away and find a different machine.
4. Review third-party party access in Google, Facebook, and other services
Google, Facebook, and other service providers provide the ability to connect to third-party apps and services via your Google or Facebook credentials. We won’t get into the technical details here, but that can mean that these third-party apps have access to some of your Facebook or Google data, depending on their permissions. You should periodically review these permissions to make sure you still want these third-party apps to have access and clear out the ones you don’t use anymore. For Google accounts start here: https://myaccount.google.com/security-checkup and for Facebook here: https://www.facebook.com/privacy/checkup/
5. Update your devices regularly.
A study a few years ago compared the security practices average Americans thought were most important to the practices deemed most important by security experts. There was agreement on good password practices but #1 for experts wasn’t anywhere to be found on the average person’s list. Whether it’s your mobile phone, your iPad, laptop, or desktop, promptly installing updates and patches is important. Those updates are fixing weaknesses that are now public knowledge. Update, update, update.
6. Watch out for tax scams in the months leading up to April 15th and other tax filing deadlines.
We’ve written about this before but it bears repeating. File early if you can and be extra wary of any calls, emails, or letters from the “IRS” demanding immediate payment or else. This isn’t just true at tax time; any time there is something in the news people are paying attention to there are going to be scams to take advantage of it.
7. Back up important photos, files and documents.
Periodically backing up your important files is a good habit anyway (hard drives fail sometimes, and you never know when you might lose your laptop) but the recent rise of ransomware has made it even more important. Ransomware is a type of malware that can encrypt (lock up, essentially) the files on your device until you’ve paid a ransom to have them decrypted. Even if you do there’s no guarantee they’ll be unlocked. Backing up the things that are important to you protects you from accidental loss AND ransomware attacks.
8. Enable multi-factor authentication where available.
Multi-factor authentication, or MFA, requires multiple methods of verifying your identity when signing into an account. This usually means receiving a code via phone or text message or using an authenticator app like Authy or Google Authenticator in addition to logging in with your username and password. It adds an additional layer of security for online banking and it’s a good idea to turn it on where it’s available.
This post was originally written in 2019 and last updated in 2024.