There are so many scams out there, and they’re getting better and better. Recently a scam using a very official looking IRS document has been circulating, and some people are falling for it. We have some suggestions for keeping your financial information out of the hands of bad guys.
Basic computer security. Aside from the using anti-virus and anti-spyware programs (and updating them regularly!) you should make sure that none of your systems use default passwords. That means checking the router, any firewalls, and phone systems to make sure that the passwords are different than the passwords that came with the device.
Don’t make it easy. Make sure you’re not carrying around personal identification numbers for debit or credit cards on a scrap of paper in your wallet, and don’t leave computer passwords attached to a sticky note on your computer screen. Do not carry your social security card around in your wallet.
Know who you know. When you get emails, the first thing you should do is ask yourself if you know the sender. Is it a company that you’ve done business with or a person that you’ve met before? If you don’t know the person or haven’t heard of their company, don’t click on any links or open any attachments that they’ve sent you. Delete them right away.
Don’t be afraid to ask. When you do get an attachment or a link from someone that you know but that you aren’t expecting, you should consider calling or texting them to ask them what it is and if they sent it. Better check than get have your computer systems compromised, and if your associate has had their accounts compromised they would want to find out about it as soon as possible.
Check your credit. The real website for actual free credit reports is www.annualcreditreport.com and you can go there and get an actually free credit report from one of the big three credit agencies. Review it for mistakes and report problems as soon as possible, or they can linger on your report for years.
Use good passwords. Use a different password for your bank than anything else! If you use a single main email account, you should use a separate password that you don’t use for anything else for that too. You may know the XKCD view of passwords (https://xkcd.com/936/) but some passwords require mixed cases and special symbols and numbers. If you need one of those passwords, try to avoid some of the common patterns: Don’t begin with the required capital, don’t use common substitutions (see the comic), and don’t end with the symbol and number. You might want to randomly generate a password at least 10 characters long and then memorize that using your favorite memorization technique (and leave it written in your home safe or safe deposit box at the bank for when you inevitably forget it).
UPDATED: For a much longer and even more in-depth look into passwords, including good recommendations for password managers, check out this article on Cloudwards by James Crace. It goes through everything, from what makes a stronger password to what you should do about those security questions. It suggests a good method for figuring out new, super strong passwords too.