Someone's phishing for your personal info: Don't give them juicy bait

Mary Baldwin
·4 min read

Q: I freaked out when three of my credit cards had fraudulent charges all in one day. Then I learned that a new bank account was opened in my name. This has all been reported and corrected, but what should I do next?

A: Everybody’s phishing but not everyone is catching; let’s try to minimize your exposure by putting up a few roadblocks.

If you’re not in the middle of buying a home, car or opening new accounts, consider freezing your credit. The three major credit bureaus — Equifax, Experian and TransUnion — all have instructions to call or go online to freeze your credit. When you want or need a new account, just unfreeze it.

Inventory all your credit cards; do you really need so many? Is the store discount really worth the risk? Do all of the credit cards have chips that encrypt the data?

More:I'm changing jobs: What should I do about my 401(k)?

How many banks do you use? Can you effectively deal with one bank and only a few accounts? Are there minimum balance requirements? Is there a fee for each account? Each business and each rental property need separate accounts, and we all need one personal checking and savings account. You have a choice: reconcile several bank statements each month or go for a peaceful walk on the beach. Time is valuable and finite.

ATM cards require a PIN and can be used only to withdraw cash from ATMs. Absolutely never throw ATM receipts in a public trash can. Dumpster diving is a popular sport.

Debit cards may be used for goods and services, but credit cards not only give you 23 days to pay, they also have liability limits when they’re compromised. Review all activity and report unauthorized transactions immediately.

Under the Federal Electronic Fund Transfer Act, the liability is zero when the theft is reported immediately and before any unauthorized charges are made. Failure to notify the bank straightaway can cost you.

According to the FTC, when a missing debit card is reported within two business days, the maximum liability for unauthorized transaction is $50. If you wait too long, you may be responsible for up to $500. Always review statements immediately; certain banks don't charge anything if unauthorized withdrawals appear on your statement, but they want to be notified right away. Look for unexplained payments and listen for suspicious callers demanding more information.

Must you carry five credit cards, or can you get by with two? Use one card for the auto-pays (to get the perks) and keep that card at home. Use the other card for all online and retail purchases. When/if the outside credit card gets hacked, you won’t have to change all the auto-pays. If you must have a third card, put it in a secret safe place for emergencies.

If the thief personally presents your card to make a purchase, the card issuer can't hold you liable for more than $50 in fraudulent charges. You have no liability if the thief stole the number, but not the card.

More:Business matters: Should I consider real estate investment trusts?

Are you using Zelle or Venmo? There’s a story about a guy who lost his phone. The fraudulent credit card charges were refunded, but the bank refused to cover the Zelle transfers.

Get alerts and notifications set up as text messages or emails and regularly check account activity, especially if you use online banking.

Install virus and firewall protection on all your devices.

Don’t answer your phone if you don’t recognize the name or number; let the call go to voicemail.

Look carefully at text messages and emails and if you’re not totally familiar with the sender, don’t click on it. Nothing is urgent even though scammers make it sound like life and death.

Mary Baldwin, CFP®, is a fee-only financial planner at Buckingham Strategic Wealth in Indian Harbour Beach.
Mary Baldwin, CFP®, is a fee-only financial planner at Buckingham Strategic Wealth in Indian Harbour Beach.

Use strong passwords, change them often and keep them in a safe place. Don’t use the same passwords for multiple sites. Once a password is figured out, hackers will try it on all your other logins.

Update apps regularly; after hack attempts are made, most apps create patches in their updates.

Always use trusted sites. And log off all sites when you shut down and then turn your computer off.

Check addresses for the https; not just http. Although that’s not fool-proof either.

Guard your data. Don’t give out your Social Security number, birthdate, address or make and model of your first car. The more places and people that have your personal information, the higher the probability of fraud. Simplify your life with fewer credit cards, bank accounts and investment accounts. The definition of diversification does not mean more of your personal data in more places.

Mary Baldwin, CFP®, is a fee-only financial planner at Buckingham Strategic Wealth in Indian Harbour Beach. Contact her at 321-428-4555 or mbaldwin@buckinghamgroup.com.

For informational and educational purposes only. Individuals should speak with a qualified financial professional based on their own circumstances to determine if the above is appropriate. The opinions expressed by featured authors are their own and may not accurately reflect those of Buckingham Strategic Wealth®

This article originally appeared on Florida Today: Phishing trip: Here's how to protect your personal info and credit