In this article:
In this article:
How many of these fraud prevention tips are you aware of? Start 2024 off right by learning how to safeguard your data, devices, and family today.
In this article:
In this article:
Cybercriminals make it their job to find new ways to take advantage of unsuspecting victims. According to the FTC's latest reports, Americans lost more than $5.9 billion to various types of fraud in 2021 [*]
To lock fraudsters out, you need to update how you safeguard your data and PII (personally identifiable information).
Have you been the victim of fraud? Follow our fraud victim's checklist for step-by-step instructions on how to recover from fraud.
When thieves gain access to your online banking information, credit card accounts, or other financial documents, they can wipe out your savings, make purchases, or even open new accounts in your name.
So, how can you protect your information from financial fraudsters?
This includes your birth certificate, Social security number, passport, green card, checks, bank statements, and unused credit cards. Anyone with access to your home can potentially steal these cards and documents if they're not secured. (As an added warning, it's not always possible to change your Social Security number — even after identity theft and fraud.)
Financial institutions will never ask for these numbers. If a representative contacts you and asks for this information, be on high alert.
One of the most common types of fraud includes criminals posing as representatives to "warn" you of a potential breach. They ask for this information under the guise of helping you when they're really stealing your PII or hacking your email.
But how do you know if this is a legitimate caller or a scam?
The most common sign that callers aren’t who they say they are is if they rush or pressure you to find and then hand over this information. They might also get upset or belittle you. If you ever feel uncomfortable, politely disconnect, and call the phone number on the back of your credit/debit card. Verify whether the representative and their requests were legitimate.
These routes are not secure or well-encrypted. Avoid sharing sensitive data via email or text message (even if you're using a supposedly "secure" messaging app like Telegram).
For example, if you’re a Wells Fargo customer, you can set up Voice Verification to prevent criminals from impersonating you over the phone [*].
You'll receive an alert when purchases or ATM withdrawals occur, so you can dispute these kinds of bank scams right away if they're fraudulent. Vigilant monitoring is the best way to detect fraud before it causes irrevocable damage.
This way, financial institutions will be able to reach you in the event of unusual account activity.
Your PIN should never include a number that appears in your wallet, such as your birthdate, phone number, address, etc. These are the first numbers thieves will try if they steal your wallet.
Use your body to shield the keypad when entering it at ATMs, checkout lanes, or merchant devices. Never write down your PIN and store it in your wallet or purse.
Scammers install card skimmers at these machines that are nearly impossible to detect. When you run your card through one of these skimmers, criminals will have all the information they need. Card skimmers are unlikely to be installed inside your bank or gas station.
Your digital card number will be used during the purchase, not your direct debit or credit card information.
It might not seem like it, but your credit card is more secure and safe than your debit card.
A successful debit card attack may wipe out your entire bank account and take months to recover. But credit cards have Zero Liability policies, so you can painlessly dispute fraudulent charges, receive a new credit card, and continue making purchases in the meantime.
However, this doesn't mean you should ignore the numerous credit card scams out there.
Sign up for online billing and financial statements to prevent criminals from stealing your identity or sensitive data from your mailbox.
This will stop fraudsters from stumbling upon this information when rummaging through your trash. Shred your bank statements, credit card or loan offers, medical statements or bills (to stop medical identity theft), paystubs, lender statements, and similar.
Destroy old cards as soon you receive and activate a new replacement or upgrade.
Mail fraud is becoming more common, leading many to invest in secure mailboxes.
When it comes to social media security, an Aura survey revealed that many users perform the following risky behaviors [*]:
Cybercriminals can use these actions to complete a practice known as social engineering attacks. They’ll research your social media, contact you and start to gain your trust, then steal your identity, blackmail you, or worse. Here are some easy ways to safeguard your social media accounts:
Sharing birthdays, pet names, favorite sports teams, hometowns, employers, and other personal details on Facebook, Instagram, and LinkedIn can all reveal PII that fraudsters can use to try and scam you online.
Limit contacts to people you actually know and never accept requests or direct messages from strangers.
Children under 18 are often targets of identity theft because they have clean credit histories.
Never post (or let your children post) information like their full names, birthdays, school name, extracurricular activities, etc. This goes the same for their online gaming profiles. For added protection, check out Aura's Family Identity Theft Protection plans, which was rated the #1 identity theft protection by U.S. News and World Report.
📌 Related: Online Gaming Safety For Kids: What Parents Need To Know →
Phishing attacks are fraudulent communications that appear to come from a reputable source, often via emails (phishing), phone calls (vishing), or fake text messages (smishing).
Phishing emails, for example, mimic the colors, fonts, and logos of real brands. They’ll ask you to reset your account login due to suspicious activity, then provide a fake link that feeds your information directly to their database.
Here are some ways to avoid phishing scammers:
Scammers will do or say anything to get you to interact with them. Our survey showed a staggering 45% of U.S. adults open emails from senders they don’t recognize [*].
Once they steal your username, password, or other sensitive information, hackers can lock you out of your accounts, commit identity fraud, steal from you, and more.
Even if you know the sender. These may contain malicious code to install malware or spyware. Hover over links before clicking on them to verify they’re safe. If you’re unsure, look for a letter or number that may seem off or suspicious. Scammers are also increasingly using QR codes to hide malware or send you to phishing sites. If you don't know the sender, don't scan it.
Banks, credit card companies, phone providers, etc., commonly use five-digit shortcodes to text customers securely. Add these trusted shortcodes to your contact list, so you can recognize a legitimate message from a fake one.
If a hacker gets into one account, they won’t have access to everything. A password manager is a powerful tool to help you keep track of your secure log-in details.
Today’s typical consumer has an average of 90 online accounts and spends almost seven hours online each day [*]. Researchers also estimated that the average number of connected devices per household hovered somewhere near 22 in 2022 [*].
Unfortunately, each online account and connected device opens up a new avenue for cyber attacks.
Here are some of the best tips on how to keep your online browsing safe and secure:
Look for the closed lock icon and “https://” in the browser address bar. This will help you avoid online shopping scams.
These will let you see when someone signs into one of your accounts or makes a purchase from a different location.
A VPN provides a secure encrypted tunnel between your devices and a web server or an email host. This protects your data while in transit, which is when most cybercriminals steal sensitive data. Aura provides powerful antivirus and Wi-Fi security, so you can shop and browse online with confidence.
Biometrics could include Touch ID, Face ID, fingerprint scans, or facial recognition. However, you may not want to use biometric features if you have family members or roommates who look like you, as they may be able to pass these tests and use your device without your permission. (Biometrics can also be stolen in data breaches or duplicated to commit fingerprint identity theft.)
This could open the door for malicious attacks or spyware.
📌 Related: What Does Jailbreaking an iPhone Do? (Risks and Benefits) →
Sensitive information could be compromised during a data breach or discovered if your device is ever stolen. A whopping 47% of Americans allow others to use their personal devices, which means those other users could potentially access their accounts [*].
Unfortunately, due to the increase in data breaches, there’s a good chance your old (or current) passwords are available to hackers on the Dark Web. To see if you’re at risk, try the free Aura Dark Web scanner.
Over 40% of Americans say they download software or files from third-party sources without knowing their origin [*]. But unknown or open-source apps may sneak malware or spyware onto your devices. Free apps, especially mobile games, are often used to steal your data in the background.
Don't skip out on upgrades for your browsers, operating system (OS), devices, and antivirus software. These updates usually contain security patches that plug up known and emerging cyber threats. Skipping these makes you vulnerable for hackers to exploit. Consider enabling automatic updates.
This erases all your personal information stored on the device so hackers can’t steal it.
📌 Related: Why a Factory Reset Won't Remove All Viruses (Do This Instead) →
An alarming 68% of Americans in our survey admitted that they access public Wi-Fi [*]. But these are prime locations for hackers to perform man-in-the-middle (MITM) attacks.
This occurs when a cybercriminal gains access to an unsecured or public WiFi server and becomes a passive listener, capturing sensitive personal information like credit card data, bank account information, or login credentials from the devices on the network.
WPA2 and WPA3 are types of encryption used to secure WiFi networks. Consider reserving a Guest access mode so you don’t have to share your password with visitors.
Check their security and privacy settings before saving financial information, passwords, and other data in the cloud. Some providers may be entitled to sell your data, make it searchable, or continue accessing it even if you cancel your membership.
What happens to your data if the company goes out of business or gets bought by another company? What guarantees do they provide in the event of a data breach?
Password-hacking software automatically checks for commonly used phrases, numbers, and adjacent keyboard letters and numbers. These can rapidly decipher passwords in less than a second. And they’re getting faster every day.
Here are some of the most up-to-date rules on creating and protecting your passwords:
Combine letters (both uppercase and lowercase), numbers, symbols, punctuation, and uncommon phrases. The longer the password, the more challenging it is to crack. So use at least ten characters.
ITCU.org recommends starting with a sentence, such as “passwords that are complex are safe.” Then, remove the spaces, misspell a word or use shorthand, and add numbers, symbols, and varying upper/lower case letters [*].
So your new password may be something like, “1!Pa$sw0rdsthatRcomplxRs@fe/468.”
Same goes for using easily guessable words (like superheroes, pop stars, sports teams, etc.), words spelled backwards, sequences (1234), repeated characters (7777), or adjacent letters on the keyboard (QWERTY).
If hackers steal one password from a less secure site, they can try it on a more secure account. A frightening 68% of Americans told us they use the same password on multiple accounts [*]. This is even how Facebook CEO Mark Zuckerberg got hacked.
Set calendar alerts on your phone to remind you to change your passwords on schedule.
Especially when sharing streaming passwords connected to your credit or debit card.
This extra layer of security requires another step in your login process, such as sending a unique access code to your cell phone, before allowing someone to log in to your accounts.
A password manager stores and manages complex passwords for each account across your devices. Make sure to create a complex password to access the password manager itself, as that will serve as the gatekeeper for all your other passwords.
Of all the types of fraud consumers reported to the FTC (Federal Trade Commission) in 2020, identity theft was the most common. This occurs when a criminal steals your personal information (like your Social Security number) to commit fraud, such as applying for credit, filing taxes, or using your identity during a police encounter.
So what should you do if you think you’re a victim of fraud or identity theft?
Even if you think you only misplaced an ATM card, credit card, or check book, the sooner you report it to your financial institutions, the better. You can always call them back if you find it.
📌 Related: How To Prevent Check Fraud: 6 Preemptive Steps →
This will make it much more difficult for fraudsters to open lines of credit in your name or cause other financial damages. Place an alert on your credit report with one bureau, and they’ll usually notify the other two.
At FTC.gov, follow the prompts to protect yourself and alert law enforcement to the criminals.
Look for unauthorized accounts opened in your name, loans you didn’t take out, or other suspicious credit inquiries you never made. You’re entitled to one free credit report from each of the three major credit bureaus per year at www.annualcreditreport.com.
We monitor all three credit bureaus and sends you timely alerts regarding account activity in your file. If we detect changes to your credit or bank accounts, we alert you up to four times faster than our competitors.
Editorial note: Our articles provide educational information for you to increase awareness about digital safety. Aura’s services may not provide the exact features we write about, nor may cover or protect against every type of crime, fraud, or threat discussed in our articles. Please review our Terms during enrollment or setup for more information. Remember that no one can prevent all identity theft or cybercrime.