How to outsmart scammers and protect your money

To security experts, the Internet is an endless river of information — one that is constantly skimmed, raked and plumbed by legions of data prospectors.

And your personal information? That’s gold.

Identity thieves will collect everything they can find: your name, email address, phone number, your mother’s maiden name. If they can gather enough of these individual bits of identification, they just might be able to hop online and convince your bank that they’re you.

That’s when they take your money.

“The bad guys use whatever means they have to be as good as they can, and unfortunately they’re very good nowadays,” said Rich Richard, a Blue Point resident and chief of cybersecurity at the New York division of the federal Cybersecurity and Infrastructure Security Agency.

While it’s next to impossible to wipe all of your personal information from the web, Richard and other security experts say there are a number of ways to block scammers from gathering enough to hack into your financial accounts.

Here's what they suggest:

Practice basic cyber hygiene

Make sure your computer and smartphone are receiving the latest security updates, which will help them ward off cyberattacks. Some operating systems are set to automatically download those updates, but it’s good to make sure. Get creative with your passwords: Assume scammers already know your name, so don’t use a version of it as your password. And change your passwords often. Next, make sure your financial accounts are set up with multifactor authentication, which adds an extra layer of protection by requiring more than one form of identity verification before allowing you to access your account. You will usually find the option to do this through your account’s “security” menu, but if it’s unclear you should call the company’s customer service line to find out.

Make your email less valuable 

Do not unsubscribe from unwanted emails. Although they're annoying, by clicking the “unsubscribe” button you’re telling the sender that your email address is attached to a real person. The sender may indeed take you off their email list, but they also may sell your information to someone else who’s looking for active email accounts. Never click on links or attachments that are sent by people you don’t personally know. Sometimes those links will take you to a phony bank website or a site that has been mocked up to look like some other trusted resource. They’ll ask you to update your personal information, and if you do, the scammers now have it. Finally, create a separate email that’s reserved only for your financial accounts. That way, if a scammer collects your everyday email address, they still won’t have the one that can be used to access your money.

Get smart with your credit card

Don’t swipe your credit card, if possible. Use its touchless payments feature or sign up for contactless payment services like Apple Pay or Google Pay. These services will allow you to avoid contact with the credit card machine and any hidden chip readers that could be collecting your information for scammers. Finally, you should consider signing up for account alerts from your credit card or bank, which will notify you by email, text or push notification every time someone charges the account. Contact your bank’s customer service line if you don’t know how to do this.

Realize thieves are everywhere

If you get an email or a voicemail asking you to call your bank, do not use the phone number they give you. Instead, search for the bank’s number online, or call the customer service number on the back of your credit card. Scammers will try to collect personal information by sending people phony phone numbers that go instead to a phony customer service line.