Thursday, 5 August 2021

Cyber thieves and scammers pose an increasingly tricky threat to consumers and businesses alike.

Using phishing emails and other phony schemes, they can quickly steal passwords and take over your bank, credit card or other accounts.

Checks, wire transfers and credit cards present some of the most appealing targets for fraudsters, a 2021 Association for Financial Professionals survey found.

Learn how to spot scammers' tricks and take active steps to protect your identity and financial accounts. Here are several moves you can make to help keep thieves at bay.

1. Fortify your password

Weak passwords can leave your accounts exposed and have played a role in numerous data breaches in the past. The biggest mistake on the part of consumers? Repeating the same password for several accounts.

It may sound tiresome, but creating more complex passwords and changing them regularly can make them harder to crack. Keep these tips in mind:

  • Set unique, long passwords for each account using numbers, letters and characters. Drop any passwords that have been exposed in a data breach.
  • Make sure the answers you provide to security questions don't include personal data that scammers can easily find. (Skip the social media quizzes asking for your first car, favorite teacher, etc.)
  • Consider using a password manager — a software tool that encrypts and stores multiple passwords. You need only one master password to gain access to this virtual vault, which can simplify and better secure your online activity.

2. Practice good data hygiene

Just as careful dental habits can protect your teeth, good online hygiene can help protect your accounts.

Make sure your bank account and others with links to your financial data use two-factor authentication, such as a security question or a mobile text with a unique code that you must submit after entering your username and password.

If you use a public computer, be sure to log out when your session is over so no one else can find your account information. You might also turn off automatic login tools that store passwords on your computer.

Avoid using free public WiFi to shop or conduct other business that may expose logins and other sensitive data. Hackers can easily steal your information through unsecured WiFi networks at cafes, hotels and airports.

As an alternative, log in using your mobile phone hotspot or explore signing up for a virtual private network, or VPN, which allows you to browse privately and securely while using public networks.

3. Be alert and wary

Scammers have become more wily, whether using phone, text or email.

A well-designed phishing email that appears to come from a bank, phone company, internet service, online store, government agency or friend can trick consumers into giving up key data.

Think before you click any message asking you to follow a link to a website that requires sensitive information. Check with the party that supposedly sent it to see if the message is genuine; company websites may show scam alerts and clarify how the business normally contacts customers.

Some fraudsters target taxpayers with phone calls threatening arrest, or steal Social Security numbers to set up credit card accounts.

Among tips from the Social Security Administration:

  • Never say your number out loud in public
  • Hang up on anyone making threats while claiming to represent a government agency
  • Avoid clicking on links to "learn more" about a supposed problem with your account.

Other scammer favorites include cashier check and wire fraud. While cashier's checks are considered a secure way to receive payments, fraudsters have been using fakes, in some cases asking their targets to wire money to cover fees, refunds or other items.

To guard against this scam, one agency suggests taking cashier's checks only from people you know, checking with the bank named on the check to make sure the document is real, confirm the check has cleared, and saving any paperwork.

Along the same lines, the federal government advises consumers to never wire money to strangers or to anyone who pushes you to pay quickly or by wire only.

4. Secure your phone

If your mobile phone falls into the wrong hands — or hackers swipe your number— your accounts may be quickly compromised.

Among other security steps, use a device PIN that scammers won't easily guess,and steer clear of automatic logins. Download apps only from reliable sources, and make sure to apply the latest security updates for your phone and apps.

Back up your phone regularly and select its "Find my phone" option so you can track it if you can't find it. If it's stolen, smartphone insurer Asurion suggests you immediately back up the phone, then remotely wipe its data, lock it and change the password.

5. Report fraud

If you've fallen victim to scammers, it's important to act quickly. Notify your bank, credit card company or investment firm if your accounts are at risk or thieves got to them. Financial institutions may be able to minimize the damage and help you recover funds.

Contact law enforcement and, if you suspect identity theft or Social Security fraud, the Federal Trade Commission. If you clicked onto a phishing email, inform the mimicked company. And if you receive a suspicious call supposedly made by Social Security, report it to the agency's inspector general.

By taking steps to secure your identity and data, you can help fortify your finances against hackers and con artists.


The content provided is for informational purposes only. Neither BBVA USA, nor any of its affiliates, is providing legal, tax, or investment advice. You should consult your legal, tax, or financial consultant about your personal situation. Opinions expressed are those of the author(s) and do not necessarily represent the opinions of BBVA USA or any of its affiliates.

Links to third party sites are provided for your convenience and do not constitute an endorsement. BBVA USA does not provide, is not responsible for, and does not guarantee the products, services or overall content available at third party sites. These sites may not have the same privacy, security or accessibility standards.