Last year this time– right around Halloween – my wallet was stolen from my son’s stroller. (Okay I shouldn’t have placed it in the stroller in the first place, but I never imagined anyone would steal it. It was only slightly visible, tucked inside a pouch.)
You can guess the rest.
In a store elevator, while a woman to my right started talking me up and gushing over my then 1 year old son’s shoes (they were really cute), her quiet accomplice (to my left) crept her fingers into my stroller pouch and nabbed the wallet.
An hour later, when I realized the wallet had disappeared, I rushed home to check my bank and credit card accounts. As expected, the thieves had spared no time. They’d racked up over $500 in charges at the very department store where they’d stolen my wallet. They also purchased a number of monthly subway passes on their way out of the crime scene.
Some serious professionals had defrauded me right in my own neighborhood!
Lesson learned: Keep your wallet out of sight and reach.
But, sadly, wallet theft is not the only way or even the most common way fraudsters can get a hold of our financial accounts. Much of it happens online via hacks or breaches. Fraud devices or “skimmers” at ATM machines and card readers can also be sources of fraud.
This Halloween here’s some advice on how to prevent your financial info from getting in the wrong hands and what to do in case you become a victim of fraud.
Double Down on Password Protection
A wise rule of thumb is to use various passwords for various accounts. Don’t just use one universal password for every website since it makes it all too easy for a fraudster to access your bank accounts, payment sites, etc. if he or she gets ahold of your secret alpha-numeric-symbolic code.
But few of us actually follow that rule of thumb. Nearly three out of four consumers use a duplicate password, many of which haven’t been changed in the last five years, according to a recent survey.
If you’re worried about remembering all your passwords, consider using password management tools that provide a secure and virtual “vault” for all your passwords. LastPass and TrueKey offer free basic memberships.
As for how often should you change your passwords? Do better than every five years, but don’t worry about changing them every month. A study by the University of North Carolina at Chapel Hill found it’s better to change passwords infrequently.
While some sites and offices require you to change your password every few months, this can actually backfire, the study found, because when we are forced to change our passwords so many times we don’t get very creative. We may add a “1” or make a slight variation from the last password. And this makes our passwords all the more predictable to hackers.
In fact, for 17% of the accounts in the study, knowing a user’s previous password let researchers to correctly guess their next password in fewer than 5 guesses.
It’s fine to change your password once or twice a year, as long as it is made of a random variation of text including different cases of letters, numbers and symbols. And stay away from the obvious like your birthdate or a sequence of letters and numbers (e.g. ABC123)
Stick With Credit
You may notice when you go to checkout with a card, you’re now asked to dip instead of swipe. The U.S. recently moved to EMV chip card technology, in an effort to combat counterfeit card fraud. In time paying with a credit card should get safer.
Meantime, if you’re ever wondering whether it’s safer to use a debit or credit card, stick with credit. In the event of fraud, it will be easier to dispute the claims.
According to the Fair Credit Billing Act your maximum liability for fraudulent credit card transactions is $50. But if you report your card lost or stolen prior to fraudulent transactions your liability could even be $0.
With debit card fraud, on the other hand, you’re sometimes at a loss until the claim is resolved. What’s more, if you don’t report your card lost or stolen within sixty days your liability limit is up to $500.
Scan Your Statements
Keep a watchful eye on your accounts. Even if you’re a fan of auto-pay, it’s worth reviewing your bills regularly for unfamiliar charges. Card issuers and banks are getting better at alerting us of suspicious charges, but it’s always helpful to play an active role ourselves, too.
If you suspect your account’s been compromised contact your bank or card company immediately and have them investigate. In the meantime, they may shut off the account and send you a new card with a new account number just to be on the safe side.
Another place to look for red flags is your credit report. You can receive a free credit report from each of the three major credit-reporting agencies – Equifax, Experian and TransUnion – once a year at annualcreditreport.com. If you don’t recognize some of the items on your credit report such as random credit inquiries or unfamiliar card accounts immediately reach out to the credit reporting agency or agencies that’s listing the false information and explain the situation. Here’s a list of their phone numbers:
- Experian: 1-888-EXPERIAN or 1-888-397-3742
- Equifax: 1-800-525-6285
- TransUnion: 1-800-680-7289
You may want to place an extended fraud alert or credit freeze on your account. You can find more information on how to do this on the Federal Trade Commission’s website.
Avoid Random ATM Machines
Fraudsters and ID thieves may secretly install special equipment in credit card readers either at the ATM, gas pump machine or any other card swiping device to capture or “skim” our personal information on our credit or debt card each time we swipe. The reader makes two copies of your credit or debit card information: one to process the transaction and one to later download the information to the ID thieves.
To play it safe, use trusted ATM locations. Your bank branch’s ATM is usually a safe bet, since a security officer or camera often guards it. It’s a lot more difficult for ID thieves to compromise an indoor bank ATM than say, a random ATM on the street corner outside a convenient store.
Trim Down Your Wallet
While it’s not realistic to say, “Don’t carry your credit cards or cash in your wallet,” there are some other sensitive items a few of us DO carry in our wallets that aren’t necessary. The Identity Theft Resource Center recommends five things you should never carry in your wallet including your social security card or even a copy of your social security number, your birth certificate, bank account or routing numbers and password cheat sheets.
It’s best to keep these items tucked away in a safe and hidden place…and by no means in your child’s stroller!
Have a question for Farnoosh? You can submit your questions via Twitter @Farnoosh, Facebook or email at firstname.lastname@example.org.
Farnoosh Torabi is America’s leading personal finance authority hooked on helping Americans live their richest, happiest lives. From her early days reporting for Money Magazine to now hosting a primetime series on CNBC and writing monthly for O, The Oprah Magazine, she’s become our favorite go-to money expert and friend.