How to practice good credit card hygiene, avoid being hacked
Dear Liz, We have one primary credit card, which we use all the time, which collects airline miles that we use for travel. Every couple of months it gets “compromised” and we have to get a new one. Is there something we’re not doing right? Are there “good hygiene” rules for credit cards?
Answers: Yes, and most involve reducing the number of places that have access to the card’s information.
Many online retailers and browsers offer to save your card information to make future purchases easier.
While these autofills save time, they mean that your credit number information is stored in databases that are out of your control. Denying this option – and deleting your saved cards from browsers and retail accounts – means less convenience, but more security.
Another option is to add two-factor authentication to your retail accounts, making them more difficult to break into. This will require you to enter a code sent via text or email to you or generated by an authenticator app.
Some credit cards offer the ability to use virtual numbers online. If yours does, this is another option worth using. The merchant never has access to your real credit card number, so it cannot end up in a potentially vulnerable database.
You can avoid revealing your credit card numbers while shopping in person by using mobile payment apps like Apple Pay and Google Pay.
These apps create a “token” from your credit card information that is sent to the merchant when you want to buy something. Again, the merchant never sees and cannot store your actual card details.
Other best practices include avoiding unsafe sellers and websites. When shopping online, always make sure that the small lock symbol appears on the left side of your browser’s address bar, and that the website’s address begins with “https” instead of just “http.” If a website doesn’t offer these basic security features, you shouldn’t shop there.
Be wary of personal sellers who use old-fashioned magnetic card readers, the ones that require you to swipe, with no way to tap or insert your chip card. It’s much easier to clone the information on a card’s magnetic strip than from the chip, so avoid swiping if you can.
Also, be wary of skimmers and skimmers, which are devices that thieves install on unattended ATMs and fuel pumps to steal card information. These devices can be difficult to spot, so consider paying for your gas inside the station and using ATMs attached to banks.
You should also avoid using public Wi-Fi for financial transactions because these networks are usually not encrypted and are easily compromised. Finally, be on the lookout for phishing attempts, which is when criminals try to get you to divulge credit cards and other sensitive personal information by pretending to be from a trusted source.
Understand that you can do everything right and criminals can still steal your card information. Fortunately, you’re protected against fraudulent charges, so a compromised card is more of a problem than a financial disaster.
The social security’s complex rules
Dear Liz, You mentioned recently that people can’t always trust the information they get from social security representatives. I worked for social security for 25 years. When I was ready to apply for spousal benefits a few years later in another city, the representative immediately told me I was ineligible and wouldn’t even fill out an application. I knew he was wrong, but he was adamant. Always tell your readers to insist on submitting an application no matter what, as it protects their complaint rights. The applicant may be wrong, but will receive a formal decision telling them why. I spent 20 minutes educating that rep on what he should have already known. They don’t train them like they used to.
Answers: Social security rules can be extremely complicated, and as you can see, not all social security representatives understand these rules as well as they should.
Anyone thinking of applying should first educate themselves as much as possible (the latest edition of “Social Security for Dummies” by Jonathan Peterson is an excellent place to start). Consider using Social Security software or getting personal advice from a cash-only financial planner. When you are well informed, you will be better able to recognize and avoid bad advice.
Liz Weston, Certified Financial Planner, is a personal finance columnist for NerdWallet. Questions can be sent to her at 3940 Laurel Canyon, #238, Studio City, CA 91604, or by using the “Contact” form at askliweston.com.