6 Summer Scams & How to Avoid Them

Just as mosquitoes can ruin a summer picnic, a good scammer can turn a winning day into a master class on losing your mind.

As the weather gets warmer, mosquitos and ticks re-enter our lives, and along with them comes their larger cousin, the scam artist. There are ways to prepare for those seasonal meal stealers. The same goes for scams, as foreknowledge is the best repellent.

Ticks and mosquitos aren’t harmless — they are well-known vectors for serious illnesses. Scam artists are also vectors for a plague that affects millions of people each year: identity theft. But sometimes a scam is of the simpler smash-and-grab variety.

Either way, some scams never seem to get old, as evidenced by the huge number of people that continue to fall for them no matter how many warnings we issue. There are always new variations that snare even the wariest consumers.

With that, I give you this summer’s smorgasbord of scams.

1. The Summer Rental Scam

It’s not the easiest thing on earth to find a summer rental that has all the right elements: a reasonable distance from the beach, the right number of bedrooms and bathrooms, a pets welcome policy. So, when you do find the right one, the tendency for most people is to pounce. Don’t be most people. If you get scammed on a rental, you’re not going to know till you show up at the front door and a puzzled person peers back at you. Oh yeah, and good luck finding the rental office, because it’s an abandoned drive-in.

The best thing you can do is visit the property in question beforehand. If you are working with a real estate agent, ask for his or her license number and check it, request references if there are no reviews online and confirm that the address is real and the premises are truly available for rent. Some home-rental websites have their own vetting processes and offer guarantees that will protect you in case of fraud.

2. Summer Job as Credit Application

It is not completely bizarre to need a background check before getting hired, but chances are that the young person in your life looking for a summer job is not applying to be a bank clerk or armored car driver. When it comes to providing personally identifiable information to an employer, use your head.

It is sadly a common occurrence that when kids are offered a “job,” they provide their information for tax purposes, including their Social Security number, and then never hear back. The reason: The only “job” was a robbery. Their identity is stolen, and because kids will be kids, it often takes a long time for them to realize the jerk who flaked on a summer job offer gutted their creditworthiness. (Here are four ways identity theft can impact your credit.)

Never provide sensitive personal information to a job site or anyone claiming to offer a job at the start of the process. Before you show up for an interview, make sure the job is legit: You can figure this out by doing an online search or making a few phone calls.

3. Door-Knocker Scams

Summer is the time for door-knocking scams. It can be anything really. Sometimes the knocker wants you to help save an endangered species or an embattled population far away, sometimes they are selling a lawn service, home maintenance or sustainably produced electricity — all these causes, services and products may be legitimate, but the person offering them … not so much.

If a stranger comes to your door, your level of suspicion should be high from a personal and digital security perspective. If you like what a knocker has to say, tell them that you will go online to help their cause or buy a product, and send them on their way.

4. Wi-Fi Scams

This is a year-round thing, but people still get got all the time by phony Wi-Fi scams, and the problem is only getting worse now that more municipalities are offering free access to the internet. The problem is that free Wi-Fi doesn’t guarantee secure Wi-Fi.

Always check with the network provider or someone of authority before logging on to any new wireless connection. Use a VPN, or virtual private network, to conduct any transactions that involve sensitive information. (Here are 50 more ways to avoid falling victim to hackers.)

5. Front Desk & Fake Menu Scams

Hotel scams are many and various, and it’s best just to remember that you are a target whenever you are traveling, but there are two scams that are sufficiently common. The first is the front desk scam, which is pretty simple.

You check in late, you’re tired and your phone rings. The scammer doesn’t know when you checked in. He or she is calling random rooms. You are told there is a problem with your credit card. Can you please confirm the number? The second scam to look out for is the menu scam. Scammers produce fake ones, and then steal your credit card information when you call to place an order.

If you get a call from the front desk, hang up and call back or go in person to confirm your payment method. Use your smartphone to order food or call the front desk for suggestions.

6. Moving Scams

Summertime is moving time. Just make sure your relocation isn’t a moving experience of the hair-pulling kind. While there are many great services out there, there are also some fraudulent ones that could wind up costing you big time.

With new online services like Task Rabbit and Angie’s List to name but two, there are ways to choose a moving service, large or small, that suits your needs and provides reviews. Just make sure you check out their reputation online before they show up at your door.

You May Have Identity Theft Repellent

Just as mosquitoes can ruin a summer picnic, a good scammer can turn a winning day into a master class on losing your mind as bank accounts are drained, credit cards are maxed out and large purchases are made in your name. There’s a way out, and you may already be covered.

If you think you might have been a victim of identity theft, it’s important to monitor your credit for anything out of the ordinary — primarily accounts and delinquencies you don’t recognize. You can get a copy of each of your three major credit reports for free once a year at AnnualCreditReport.com and you can use a free tool like Credit.com’s credit report card to check for signs of identity theft every month.

It’s also a good idea to check with your insurance agent, bank, credit union or the HR department where you work. It is increasingly more common as a perk of your relationship with the institution to be offered free access to a program that provides education, proactive assistance and damage control if you become a victim of identity theft.

If it’s not free, you may be able to get it at a minimal cost. (Full disclosure: CyberScout, a company I founded in 2003, provides these services to institutional clients, and they in turn offer the service to their clients, customers, members or employees.)

This story is an Op/Ed contribution to Credit.com and does not necessarily represent the views of the company or its partners.

Image: Imgorthand

The post 6 Summer Scams & How to Avoid Them appeared first on Credit.com.

Are You Hack-Proof? Here’s How to Make Sure

If you see a story about a data breach or a security compromise on a device you use, consider that an action item for your day.

While the writing has been on the wall for a long time, last Friday it was in the news wires when a new strain of ransomware called WannaCrypt raged like an out-of-control wildfire across Europe and Asia, ultimately impacting computers in 150 countries.

For many affected by this hack, a few hundred dollars in ransom money is a pittance when compared to the cost of hiring someone to attempt the recovery of your files after they’ve been encrypted. These ransomware attacks would cease to be profitable were there easy workarounds. But at this time, it is highly likely that if you happen to get got by one of these attacks, you should assume your files could be gone for good.

That’s why it’s critical you learn how to protect yourself.

Cyber Hygiene

If you’re like most people, you spend about 40 minutes a day on personal hygiene. While that’s a considerable amount of time, you probably don’t consider it to be an issue. It is not the same thing when it comes to cybersecurity. Were it as simple as downloading and installing software updates, the time spent on cyber grooming would be minimal (though the patches do seem to come fast and furious these days).

The issue really is that cyber hygiene is something one should practice 24/7/365. Come to think of it, it requires about the same amount of commitment and mindfulness as it takes to make sure your hair is OK and there’s no spinach in your teeth.

Here are some things to consider including in your daily cybersecurity routine.

1. Install Updates

When you are trying to find something online or use an app, an update notice can be like a mosquito that’s overly interested in you, but the last thing you should ever do is swat that notice away. It is often the only thing standing between you and the bad guys out there who are looking for a way to exploit weaknesses in the security features of the devices you use on a daily basis.

2. Use Standard Encryption

Both Apple and PC now offer a way to protect the content stored on your hard drive, and it’s so easy there’s no reason not to use it. It’s called FileVault on Apple and BitLocker on PCs. It is easy to set up, and renders everything on your machine unreadable by a hacker who gains access to it.

3. Back Up Your Digital Life on an External Drive

For less than $60, you can purchase an external hard drive large enough to store an immense amount of data. That’s where you want to keep your most sensitive personal information. The reason is simple: It is air-gapped (not connected to the internet) most, if not all, of the time. There is no need to be online to backup your hard drive to an external drive. Extra points if you encrypt your data.

4. Use a Password Manager

If you’re not using long and strong passwords, or still using the same password across multiple platforms and websites, you need to read this. For those who get over that rather low bar, it’s time to improve your game. It used to be that people made cheat sheets with their passwords and stored them in their desks (bad) or on an encrypted thumb drive (way better). That’s no longer necessary. Password managers take away the risk associated with having your passwords written down where they can be found and used. You need only remember one. As far as services go, there are many, and all are better than older methods of managing passwords. Research them online and make sure to read their reviews.

5. Read the URL Address

There are more spoof sites out there than you may realize, and they are there to do harm, not good. Always look at the URL to be sure you are on the site you intended to visit and not a clone — the clone will often have a very similar address, so look closely. For an additional layer of security, you might want to consider downloading HTTPS Everywhere, a plug-in that works on Chrome and Firefox and enables HTTPS encryption automatically on sites that support it.

6. Think Before You Click

The number one way people get got is thoughtless clicking. Whether it is a fake or corrupted website designed to plant malware on your device or a phishing email that looks like it came from a trusted institution or a friend but is in reality from a cyber fiend, you must have a pause in place — and it has to be automatic — when it comes to clicking on anything that comes your way from “out there,” even — or especially if — it looks like a friend or family member sent it.

7. Make Your Security a Seamless Part of Your Day

If you see a story about a data breach or a security compromise on a device you use, consider that an action item for your day. Just take a second to find out if you are affected, and then take whatever precaution you can. The 40 minutes that average person spends on personal grooming is a good rule of thumb. Think of your cyber hygiene like a glance in the mirror.

8. Use Two-Factor Authentication

Increasingly, two-factor authentication is available on the accounts we use daily, and it is essential that you set it up. It means that if a person hijacks one of your accounts, there isn’t much damage they can do without also having possession of your mobile phone or access to your email account. It’s an easy measure anyone can take to improve their personal cybersecurity.

In my book Swiped: How to Protect Yourself in a World Full of Scammers, Phishers and Identity Thieves, I go into greater detail about the various ways your information can be got and what you can do to protect it. The main lesson: Practice what I call “The Three Ms,” which are as follows:

  • Minimize Your Exposure. Don’t authenticate yourself to anyone unless you are in control of the interaction, don’t overshare on social media, be a good steward of your passwords, safeguard any documents that can be used to hijack your identity, and consider freezing your credit. (Here’s how to decide if you need a credit freeze.)
  • Monitor Your Accounts. Check your credit report religiously, keep track of your credit score, read Explanation of Benefits statements from your health insurer and review major accounts daily, if possible. (You can check two of your credit scores for free on Credit.com.) If you prefer a more laid-back approach, sign up for free transaction alerts from your bank, credit union and credit card companies or purchase a sophisticated credit and identity monitoring program.
  • Manage the Damage. Make sure you get on top of any incursion into your identity quickly and/or enroll in a program where professionals help you navigate and resolve compromises. These are oftentimes available for free or at a minimal cost through insurance companies, financial institutions and HR departments.

Worried about getting hacked? You can find a full 50 ways to avoid (and deal with) a cyberattack on Credit.com. 

Image: LightFieldStudios

The post Are You Hack-Proof? Here’s How to Make Sure appeared first on Credit.com.

50 Ways to Avoid (or Deal With) a Cyberattack

None of us want to think about it — but here are 50 "just in case" ideas to help you avoid or deal with a cyberattack.

In case you missed it, a major cyberattack swept the globe Friday. Per pretty much every major news outlet here in the U.S., hackers locked computer systems worldwide, then threatened to destroy data if the victim did not pay to be let back in.

In other words, they executed a large scale ransomware attack, targeting companies, government agencies, public institutions and ordinary citizens across continents. The attack comes just one week after Google Docs users were hit by a large-scale phishing scam. Google reacted swiftly to shut it down, but hackers are digital whack-a-moles: There’s no way to guarantee another won’t immediately pop up in your inbox.

Fortunately, there are steps that, taken together, can minimize your odds of falling victim — or mitigate the damages if you do get got. Here are 50 ways to avoid or deal with a cyberattack.

1. Update Your Computer Regularly

The recent ransomware attack exploited a vulnerability in Microsoft Windows servers. But here’s the thing: Microsoft released a security update to patch the vulnerability back in March. The lesson here: Enable updates when prompted. This goes for other devices, like smartphones and tablets, too.

“As cybercriminals become more sophisticated, there is simply no way for customers to protect themselves against threats unless they update their systems,” Microsoft president and chief legal officer Brad Smith wrote in a blog post. “Otherwise they’re literally fighting the problems of the present with tools from the past.”

2. Turn on Your Firewall

That’ll help keep malware off your computers by stopping suspicious programs from downloading or accessing the internet, should one get onto your machine.

3. Install & Update Security Software

If you don’t have anti-virus or anti-malware software on your laptop or desktop, change that sooner rather than later. Otherwise, you’re making yourself an easier target. There’s a lot of truth in the statement “it’s not a matter of if, but when” when it comes to hacking and identity theft. Still, it’s best to make it as hard as possible for the scammers out there.

4. Set Software Limits

To block malware attempts, both Microsoft and Apple suggest limiting what software, programs or applications can do to your computer. You can set these limitations via your PC’s User Account Control or Mac’s Security and Privacy preferences.

5. Install Security Add-Ons for Your Internet Browser

There are free tools that tell you the safety of webpages you’re browsing, like Web of Trust or McAfee Secure Safe browsing plugins.

6. Check for HTTPS

When browsing, make sure URLs start with ‘https.’ The s means any data going back and forth between you and the site is encrypted.

7. Heed the Warnings

Google’s Safe Browsing is designed to flag unsafe websites and URLs you happen to stumble upon. Similarly, many providers flag potential scam emails either by sending them to spam or issuing a warning at the top of an email. While it can be tempting to write said warnings off, it’s in your best interest to take them seriously and, if you do proceed, do so with caution.

8. Learn How to Recognize a Phish

Phishers pose as legitimate entities to get users to click on a malicious link in their inbox. Their emails can look legit, but there are often tell-tale signs you’re dealing with a scammer, including typos, misspellings, generic salutations and sketchy urls, which you can spot by hovering over embedded links in the email. (Check out this story about a reader who received a scam email that included his friend’s Social Security number.)

9. Don’t Click the Links …

Even if you don’t readily spot any red flags. Instead, call the company or person sending the email directly to verify legitimacy. You don’t want to unwittingly download malware onto your computer that can spam your friends or hijack any personal information or passwords you type post-click.

10. … Enter Sensitive Personal Information …

In lieu of malware, some phishers simply prompt you to enter info directly on a spoofed website once you click. Consider the request for bank account digits, Social Security numbers or other sensitive data a big red flag. After all, financial institutions and government agencies, like the IRS, aren’t known to conduct urgent business over email. (Note: The IRS reported an approximate 400% surge in phishing/malware incidents early last year, so it’s important to be careful what information you share and where.)

11. … or Download Phishy Email Attachments

They can be yet another way in which the phisher is trying to install malware on your device.

12. Really, Just Avoid Unknown Emails

Even emails that seem safe can be dangerous. It’s common for attackers to impersonate someone you know, and if a contact of yours got hacked, they may unwittingly be spamming their entire address book. If you’re not expecting an email, do not know the sender or are unsure, do some research before opening the email.

13. Unsubscribe From Email Lists

If you aren’t interested in getting emails from certain mass distribution lists, take your name off. This way, your inbox is cleaner and you’re reducing the likelihood you’ll get an email from somewhere that got hacked. (Want to declutter your life even more? Here’s how to opt out of mailed credit card offers.)

14. Review Ads & Emails

Smart consumers never assume an ad or email is from a reputable company. Always verify if the information is legitimate by doing some research online (type the company or product into a search browser along with the terms “review,” “complaint” or “scam”). If something looks shady, it probably is. That said …

15. … Let Yourself Get Suspicious

Seriously, it’s OK to be extra cautious. Delete any emails, texts or anything else you’re not sure about.

16. Read the Privacy Policy

Don’t click “agree” and ignore the policy — take time to read it, as it will explain how your personal information is collected and used by the site. You’ll find out whether your information is shared with third parties and how that data is accessed. If something gives you pause, consider taking your business elsewhere.

17. Be Careful When Downloading Apps

Like we said, read privacy policies, including those lengthy permissions before you download an app to your device. Think about all you do and say on your devices — do you really want a scammer to have access to that?

18. Channel Your Inner Ron Swanson

No one expects you to go fully off the grid (even Ron caved and got a cellphone), but remember every time you sign up for a new service or share your information with another entity, you’ve presented cyber criminals another way to get to you. Consider keeping some aspects of your life off the internet, apps and devices.

19. Don’t Overshare on Social Media

Past addresses, the names of people living in your household and photographs are useful to identity thieves. They can help thieves bypass security verification questions or create new accounts in your name. Always think before you share something online.

20. Know When Your Social Security Number Isn’t Required

Just because there’s a line on a form for your Social Security number doesn’t mean you have to fill it in. Here are five places you should never give your Social Security number.

21. Don’t Blindly Fill Out Forms at the Doctor’s Office

If you’re at a doctor’s office and aren’t sure if they need some of the personally identifiable information they’re asking for (like your Social Security number), ask about it. This is an especially smart move because medical providers are a big target for data breaches. Here are four things your doctor doesn’t need to know.

22. Safely Dispose of Personal Information

Disposing of a computer or smartphone isn’t as simple as tossing it in the trash bin. With computers, be sure to use a program that overwrites the hard drive. Before you throw out a mobile device, check your owner’s manual or the manufacturer’s website to learn how to save or transfer information to a new device before doing a hard reset. Be sure to remove the SIM card and things like your contacts, search history and photos.

23. Get the Team on the Same Page

Whether it’s a quarterly refresher course or something everyone does once a year, making sure all employees are on the same page about digital security can help prevent everyone from getting hit by an attack.

24. Tread Lightly With Open & Public Wi-Fi

Free internet in public spaces like coffee shops and hotels is great to have, but you don’t know the other people sharing the connection. Someone else could be “eavesdropping” on what you’re doing, so limit your internet use on public networks. For example, using online banking while you’re on an unsecured Wi-Fi is a bad idea. (We get it, though — free stuff, like these 50 things, is great. Just make sure you’re responsible about it.)

25. Be Selective About Using Shared Computers

Sometimes you have to get online on the computer at the library or FedEx. If that happens, make sure you log out on any sites and wipe your browser history before you go.

26. Be Careful With Data Share Folders

Cyber attacks aren’t limited to sketchy links or emails. Hackers have found ways to take over your system right from file share programs. It may be easy to leave these logged in constantly, especially if you’re using them for work, but logging out may save you in the long run.

27. Turn Off Your Computer

While leaving your computer on “Sleep” mode makes it easy to get back to work, constantly leaving your computer on makes it more susceptible to viruses. Turn your computer off when it’s not in use.

28. Remember to Log Out

Whether or not you share your computer or device, logging out after each use is a good practice.

29. Don’t Save Your Login Info … 

It’s so much easier to let your browser and apps save your login credentials, but it’s not just easier for you — you’re making thieves’ jobs easier, too. A lot of cybersecurity decisions require choosing between convenience and safety. If you choose convenience, be prepared for some potentially unpleasant consequences.

30. … Or Your Credit Card Details

It may be easier to click once and your order is on its way, whether it’s from your favorite online store or the local pizza delivery place, but storing your credit card information can leave you vulnerable.

31. Lock Up Your Phone …

It may seem inconvenient to enter a passcode or have your finger scanned to access your messages and apps, but if you ever lose your phone, having it locked could be the difference between shelling out for a new phone and shelling out for a new phone and trying to find the person who drained your bank account and hacked your social media accounts.

32. … & Your Laptop

Experts recommend keeping financial information on your laptop only when necessary. It also helps not to use an automatic login feature that saves your username and password so it’s harder for someone to get at your personal information if your laptop is stolen.

33. Use Built-In Biometric Authentication When Possible

Some thumb drives require your fingerprint to access the information stored on it. This is a great way to deter criminals and keep your data extra secure.

34. Create Strong ‘Phrase Passwords’

If you’re using a generic password like “Password123” or your dog’s name and your mailing address, it’s time to up your game. Have a favorite lyric, phrase, quote or poem? Use it. 2BorNOT2B is a lot harder to guess, and is still super easy to remember. (Not sure if you’re using a strong password? To start, make sure it isn’t on this list of 25 passwords you should never use.)

35. Don’t Reuse Passwords

Just because you’ve come up with a great phrase password doesn’t mean you should use it for your email, social accounts, bank app and everything else. Try to make a unique password for each of your accounts. At the very least, make sure your financial account passwords are different than your social media passwords.

36. Use a Password Manager

A password manager can generate strong, complex passwords to make hacking your accounts harder. Managers like LastPass can also store and remember them for you. (You can read this for more on remembering passwords.)

37. Update Your Passwords Often

The information exposed in a data breach may be old, but that won’t be much comfort to you if you’ve been using the same password for the last three years. Get in the habit of updating your login credentials every six months or so.

38. Use Two-Factor Authentication

If a service you use offers two-factor authentication for logging in, take advantage of it. This usually requires entering your password, then entering a confirmation code that will be sent to you by text, phone call or email. If someone gets their hands on your password, chances are they don’t also have your cellphone, leaving them locked out of your account.

39. Answer Security Questions Creatively

Sometimes it’s OK to lie, especially when coming up with answers to security questions. This way, a crook can’t guess their way into your finances. Don’t get so creative you can’t remember the answer, and create a cheat sheet to help you keep track. You can store it on an encrypted thumb drive. On that note…

40. Store Your Personal Information on an Encrypted Thumb Drive

Important documents and login information (for those who don’t use password managers) should be stored on an air-gapped device, such as the thumb drive. Experts recommend keeping one at home and storing the other in a safety deposit box or a safe.

41. Make Sure You Trust That Thumbdrive

We get it — sometimes curiosity can get the best of you. But if you find a USB or external hard drive, think twice before just putting it in your computer.

42. Don’t Forget About Old-School Back-Ups

A cyberattacker can’t get into your filing cabinet, and there are some things you really don’t want to lose. Consider keeping a hard copy of important documents like your last few years of tax returns, mortgage paperwork, student loan documents and insurance policies, so you still have the records even if digital forms have been compromised.

43. Backup Your Data Externally …

If something happens to your computer or other device, knowing your files are saved elsewhere can reduce the headache.

44. … & Then Backup Your Backups

Remember, no system is ever completely secure. Make it a habit to copy important files, especially financial documents you need for things like mortgages and student loans. Place the data on a removable disk or backup drive and store it somewhere safe.

45. Take a Deep Breath

It’s understandable to freak out if you’ve been hit by a cyberattack or are being asked to pay a ransom for stolen files, but try to stay calm. Disconnect from the internet, and call someone for help, whether that’s your work’s help desk or a reputable cybersecurity firm familiar with the technology you’re using.

46. Report the Problem

In the wake of the Google doc scam, the tech giant urged users to report suspicious email and content to it directly. You can report scams to your local attorney general and the Better Business Bureau to help prevent others from similarly falling prey.

47. Consider a Credit Freeze …

Fell for a phish? Consider freezing your credit reports so scammers can’t use the personal information they pilfered to open fraudulent credit accounts in your name. You can learn more about credit freezes — and when to use them — here.

48. … or Request Alerts

A credit freeze can be cumbersome, particularly if you’re in the process of applying for a loan yourself. If you don’t believe a thief scored any seriously sensitive info, you could at least request that the credit bureaus put a fraud alert on your credit report. That’ll prompt creditors to take extra steps to verify your identity before extending credit.

49. Accept That You May Not Get Back What You Lost

In the case of ransomware, you may be tempted to pay what the thief is asking so you can have your files back. Some experts recommend against paying because it further incentivizes ransomware attacks, and you may not get your files back even if you do pay.  

50. Monitor Your Credit

Haven’t spotted any cyberattacks recently? It’s still a good idea to regularly monitor your credit for signs of identity theft. You can pull your credit reports for free each year at AnnualCreditReport.com and view your free credit report summary, updated every 30 days, on Credit.com.

Image: jacoblund

The post 50 Ways to Avoid (or Deal With) a Cyberattack appeared first on Credit.com.

4 Mother’s Day Scams You Want to Avoid

While it sure feels like there are more scams out there than mothers, it only takes one who “has your number” (or email) to ruin Mother’s Day.

Did you know that with the exception of Christmas, people spend more money on Mother’s Day than any other holiday? The forecast for 2017 is $23.6 billion, and if you think scammers aren’t on the job, there’s a new marshmallow bridge spanning Loon Lake I’d to sell you a piece of.

In order, the most-gifted recipients of Mother’s Day sentimental swag are mothers and stepmothers, then wives, daughters, sisters or stepsisters, grandmothers, godmothers, and, for the overzealous beyond that familial range — friends.

Here are four scams you’ll want to avoid while you’re shopping.

1. Greeting Cards

These days, paper greeting cards cost anywhere from 50 cents to $8, but the average cost of a festive snail-mail missive is between $4 and $5. This explains the huge uptick in e-cards’ popularity. They are more environmentally friendly and cost nothing. Sounds like a win-win, right? Not exactly. This method of transmitting heartfelt sentiment — as with all new technology — has the potential to create a massive headache for the mothers in your life who have something coming to them.

Specifically, the problem with e-cards is that they open the door to fake e-cards. Most people on social media accept friend requests from strangers, and once those strangers are welcomed into the fold, they are allowed as friends to see friends of their new friends. They can figure out who among your relatives has kids, and send them a fake e-card in your name — one carrying malware that can steal the recipient’s identity or wreak havoc in cyberspace. One click can install a keystroke logger that turns any electronic device into a transmitter of login information (endangering every account, especially finances), rope devices into botnets that distribute spam or launch distributed denial of service attacks on major websites.

Remember the rule: Never trust, always verify. Ask the person who sent you the e-card, in a separate email, if they sent a card. Don’t click through without a response, because there is no way to know the URL and determine if it’s legitimate.

If you’ve fallen for this, be sure to check your credit for signs of mischief. You can view two of your credit scores for free on Credit.com. And, if you need to up your digital savvy, here are four tips for internet safety.

2. Fake Flowers

Nothing brightens a mother’s day more than a beautiful bouquet. If you are ordering online, make sure the URL matches the shop’s website if you clicked through from anything other than your own search results. Call the shop to make sure they are the real deal.

Another favorite ruse dating back some time: Selling fake coupons from stores that promise monthly or weekly flower delivery. Remember, if it sounds too good to be true, most likely it is. Either work with a florist you know or find one near the recipient and conduct business with them directly.

3. More Fake Coupons

Fake coupons for saving are making the rounds again this year, most recently on Facebook, where people have been tempted by a $50 coupon redeemable at Lowe’s Home Improvement. If you click through, you’ll be asked to take a survey that solicits personal information and to post the offer on your Facebook timeline. Needless to say, the coupon is worthless.

“These coupons are not offers extended by Lowe’s,” the company wrote in response to customer questions on its Facebook page. “It is a scam and Lowe’s is unable to honor the coupon.”

Likewise, you should avoid a similar $75 coupon for Bed Bath & Beyond also making the rounds on social media. It’s a classic phishing scheme. When victims click on the link, they land on a fraudulent site that looks like the real thing, where consumers are prompted to enter sensitive personal information as well as their credit card number.

Bed Bath & Beyond similarly warned consumers that the coupons were fraudulent.

“We are sorry for any confusion and disappointment this fake coupon has caused,” it wrote on its Facemaiebook page. “We are partnering with Facebook to have these coupons removed. Thank you for your understanding!”

Facebook did not immediately respond to request to comment.

Caution should be used when it comes to any coupons, be they for a restaurant, an all-inclusive spa day or an in-home massage. It’s always best to call a favorite spot and make arrangements. There are plenty of crooks out there willing to represent those places to steal your personal or payment information.

4. Gift Cards

A whopping $46 billion was spent on gift cards last year, and numbers like that always attract scam artists. How it works: The scammer goes to the in-store sales rack and writes down the numbers on gift cards. They then call the customer service departments identified on the back of the cards to see if (and when) they have been activated. Like tax-related fraud, this scam succeeds or fails depending on how fast a transaction occurs, so if you get a gift card, it’s always best to use it as soon as you can. Otherwise, you may find it’s already been cashed in.

Finally, beware of third-party sites selling discounted gift cards. While some gift card resale sites are legitimate and offer buyer protections, not all do and open marketplaces that don’t specialize in this type of sale can be particularly susceptible to fraudsters. That’s why I recommend always going to the official financial service or retailer’s website to purchase gift cards.

While it sure feels like there are more scams out there than mothers, it only takes one who “has your number” (or email) to turn Mother’s Day into a real mutha, so be careful.

This story is an Op/Ed contribution to Credit.com and does not necessarily represent the views of the company or its partners.

Image: Eva-Katalin

The post 4 Mother’s Day Scams You Want to Avoid appeared first on Credit.com.

5 Tricks to Make Your Identity Portfolio More Secure

Here are five things you can do to improve your identity portfolio.

I’ve written extensively about the importance of building a credit portfolio. Credit equals buying power, which, when used wisely, can lead to increased net worth. Put simply, bad credit means fewer consumer choices and a staggering number of lost opportunities in the way of deals, car-factory incentives and other credit-based transactions. No matter the purchase type, the lowest interest rates and the biggest loans go to those with the strongest credit portfolios. You can read about building your credit portfolio here.

Another portfolio is the one most people neglect, if they even know it exists: the identity portfolio. Your identity portfolio is not something you can buy, trade or sell. It’s not as easy to assign a value to it. You can manage it badly and (most likely) not go bankrupt. In most situations, you won’t even lose any money — though you may not be able to get your hands on whatever was stolen by identity thieves for a while. That said, a poorly managed identity portfolio can cost you big time.

First of all, the longer your money is tied up (it can take between six months to almost one year to get a stolen tax refund), the longer it will lie dormant. You can’t invest accounts that are still receivable. Second, you lose something that’s hard to quantify — your peace of mind and your ability to get through your day undistracted.

In more concrete terms, while the crime committed against you is getting sorted out, your credit will take a hit. You will lose the chance to take advantage of credit-based purchases while you are resolving the fallout from identity theft. (Not sure if you’ve been the target of identity theft? You can check for signs by viewing two of your credit scores for free on Credit.com.)

Here are five things you can do to improve your identity portfolio to make sure that doesn’t happen.

1. Adopt Two-Factor Authentication

Increasingly, the websites you visit most — the ones that require authentication — will offer two-factor authentication. Whether the process triggers a code being sent to your phone via SMS or it fires off an email with that information, this simple security precaution makes it more difficult for a hacker to take over your accounts. The reason: They need more than the answers to your security questions or your login credentials. Two-factor authentication works because the scammer needs control of your email or access to your SMS messaging, which in most cases requires actual possession of your phone (and the security code to unlock it).

2. Make Your Login/User ID Complex

Hackers and scam artists are very good at cracking the virtual safes where you keep your money, and they know how to slip past the gates protecting your social media activity. Many sites still insist on making people use their email addresses as a user ID. While it’s not as quite as risky as a Social Security number or a name/date of birth combination, your email is personally identifiable information (PII). If you are given the choice to make up a user ID, there is no reason it has to be your name. Get creative or treat it like a password (but don’t get so creative that you are tempted to share your clever inventions with friends and strangers via social media). Always assume the bad guys are watching — they are.

3. Answer Security Questions Creatively

Security questions are a real problem. After decades of oversharing on social media, your mother’s maiden name, what high school you attended, the make of your first car and your favorite action movie are all up for grabs. Think you’ve been careful? What about your friends? Are you tagged? Mentioned? Even if you don’t have an account, chances are good that the people closest to you — those sharing biographical information with you — are active on social media. To avoid the possibility of a crook guessing his or her way into your life, your answers to security questions should always be lies. As above, let your spirit fly. But don’t be so creative that you can’t remember your lies. If you’re afraid of losing track, create a cheat sheet and store it on an encrypted thumb drive.

4. Store Your PII on an Encrypted Thumb Drive

Losing your most essential personally identifiable information is a real drag. I recommend scanning the most crucial documents, as well as your login information if you don’t use a password manager, encrypting that information, and storing it on an air-gapped device, a category that includes the humble thumb drive. Keep one at home and store the other in a safe deposit box or a safe. This is particularly useful when you’re traveling.

5. Choose Built-in Biometric Authentication

Speaking of thumb drives, for a reasonable price you can buy one that requires your fingerprint to access the information stored on it. Whether it’s a new smartphone or a gun safe, there are an increasing number of products that offer biometric security features.

Remember, as I discuss at length in my book SWIPED, don’t share too much information with folks you don’t know, whether in person, on the phone or online via social media, and never authenticate yourself to anyone unless you are in control of the interaction.

Bear in mind, micro-trends on social media (10 concerts I’ve been to, one is a lie; top 10 favorite movies, important books you’ve never read, etc.) are not only a fun way to get to know your friends better. They offer hackers information that can be used to answer security questions. In fact, you never know the origin of these digital stadium waves. It’s wise to assume they were started by identity thieves looking to harvest useable information. So resist the urge to answer them.

It’s also critical to set long and strong passwords and properly secure all computers, smartphones and tablets used by you and your family. As mentioned, use two-factor authentication when possible and shred sensitive documents.

Too much to remember? The nonprofit Identity Theft Resource Center (ITRC) has created a simple set of protocols called SHRED:

  • Strengthen passwords
  • Handle PII with care
  • Read credit reports annually
  • Empty your purse/wallet
  • Discuss these tips with friends

I encourage you to do all of the above and make good privacy and security hygiene a part of your daily life. Change the way you think about identity theft and your personally identifiable information. Over time, you will naturally become more vigilant. You will bear in mind what happens when people overshare on social media. You will be careful about who you tell what and why. You will not let down your guard, and before you know it, your identity portfolio will have a triple-A rating.

Image: andresr

The post 5 Tricks to Make Your Identity Portfolio More Secure appeared first on Credit.com.

How to Remember All the Passwords You Need in Your Life

Passwords need to be complicated to be secure. A password manager can create strong passwords and help you remember them.

It seems like everything you do on any of your digital devices requires a password and the requirements for these security codes are getting more and more extensive. Some sites don’t allow words that can be found in dictionaries, while others don’t want any logical sequences or personal elements like a house number, street name, zip code, birth date, birth year, child’s name or pet’s name. Many accounts require your password to have both uppercase and lowercase letters, as well as numbers, special characters and a specific minimum and maximum length. The list goes on and on.

So while you might still use poodle1234 to log into your old email account, that password may not get approved for more current accounts. (You probably don’t want to be using the same password across multiple accounts, anyway.)

The strongest passwords are typically long and random, as this makes them harder for hackers to guess. Because of this, passwords often end up looking like gibberish, like: (&cR=x?fae~c[R5GAs3AN4?.

Remembering Complex Passwords

It isn’t easy to remember all of these long, random, complex passwords and some websites disable password saving on their login screens, but there are password managers that can help. They’re available from a variety of sources, including anti-virus software providers and standalone password services. If you’re looking to try out a password manager tool, but aren’t sure where to start, we’ve highlighted four common ones below to help you get started researching your options.

It’s important to make sure you feel safe with any of these options, as you don’t want your passwords to fall into the wrong hands. A weak password could help make you a victim of identity theft, which can wreak havoc on your finances. While you’re beefing up your passwords, another good practice is to regularly monitor your credit for signs of identity theft, like a sudden drop in your scores. You can check two of your credit scores for free on Credit.com. (Note: The password managers below all use encryption to protect your data.)


LastPass, a free password manager, generates random passwords using a browser toolbar extension. You can access the passwords using your LastPass account menu, stored right in your browser bar. However, once you’ve saved credentials for a particular site, it will show up automatically in a popup when you click the icon. Do you have three different Gmail accounts? No problem. You can save multiple login credentials for any site. You can also edit the credentials and you can share passwords with others if you want someone else to have access to one of your accounts, even if the password changes. (Just make sure you’re selective about who you share personal information with.) You can use LastPass across multiple devices, and your password vault is available even if you’re offline.

Google Smart Lock

Google Smart Lock runs in the Chrome web browser and will automatically log you into the sites you visit if you turn on this feature. Once active, Google will ask you if you want to save the account info when you log into sites.

To get an overview of your saved information, visit myaccount.google.com. Start at “Sign-in & security,” click on “Connected apps & sites” and scroll down to “Saved passwords.” Click on “Manage passwords” to see options. If you turn on Smart Lock, Google will log you into saved websites and bypass the login screen. You don’t want to turn this feature on if you’re uncomfortable being removed from the login process.

Your Google account is the master login for the Smart Lock feature. That makes password management extremely convenient, but it also means that if someone gains access to your Google account, they can also access and control your passwords. Google Smart Lock does not include a password generator and it doesn’t work on iPhones or browsers other than Chrome.

Norton Identity Safe

Norton Identify Safe is a free password manager made by Symantec, the company behind the well-known Norton AntiVirus products. It is installed on your computer and any other device you choose, as well as your browser. You’ll find a link to a random password generator right at the top of the Norton Identity Safe website.

When you set it up, you’ll need two passwords: one for your account and one for your password vault. Both passwords should be complex but memorable because your stored passwords will be inaccessible until you open the vault.

Once you enter your various login credentials in the app, the sites appear in an alphabetical list in your password vault. A colored bar tells you whether your password is weak (red), moderate (yellow) or strong (green).

Norton Identity Safe can also securely store your credit card numbers for easy online payments. (It’s important to be careful when you’re sharing personal information like credit card numbers online, as this can open you up to credit card fraud.)


SecureSafe is a cloud storage service for sensitive files and passwords. File storage is its standout feature. If you need to store a digital copy of a sensitive file (like one of these seven documents you need to fill out before you die), a SecureSafe free account includes 100 MB of file storage space and can save up to 50 passwords. Paid accounts (starting at $18/year) get unlimited passwords and more file storage space. The app includes a variety of security features for file storage, including a free, secure PDF viewer for smartphones.

When you open the app on desktop or mobile, passwords are listed alphabetically. If you’ve entered the URL, you can click the arrow icon to go straight to the site. The password is copied to your clipboard automatically so you can paste it into the field on the login screen. The clipboard is erased after a short period of time; the time period is customizable.

SecureSafe doesn’t run as a browser extension, so you need to log into your account to access your passwords. This is an advantage for people who don’t want extension clutter or popups, or for people who use shared devices. The extra steps are cumbersome, though, for anyone who wants passwords to automatically populate.

Want to learn more about how to keep your information safe? Here are eight ways to protect your privacy online.

Image: pixelfit

The post How to Remember All the Passwords You Need in Your Life appeared first on Credit.com.

Is It Time to Buy a Biometric Scanner?

Biometrics can provide an additional layer of security — which is why you'll see more and more of them built into your devices.

Identity theft is still out there, keeping pace with the latest innovations and security measures, and snaring new victims every day. With the advent of cheaper, standalone, easy-to-integrate biometric technology for authentication, is it time to buy a fingerprint scanner?

What’s a Biometric Scanner?

Biometric technology uses physical or biological information, like a fingerprint, retinal scan or heartbeat, to authenticate a person’s identity. You can currently purchase the most commonplace biometric scanner — that is, one that uses a fingerprint —starting at around $50. The scanner can be used to protect computers and other devices that support biometric scanning technology.

Do Biometrics Provide Additional Security?

The short answer: Yes.

Authentication can effectively use three things to keep the wrong people out: something you know, something you have and something you are. We’re all familiar with the first line of defense. “What you know” takes the form of security questions, passwords and a security picture, and there are various strategies to keep it all straight. Some choose to use password managers or proprietary systems like Apple’s iCloud Keychain. Others prefer to have an encrypted personal security list (logins, passwords) stored on a cloud server. Still others put “what they know” (but couldn’t possibly remember) on a USB stored on a keychain or in a safe if the information is not encrypted. And, yes, some go a little further, choosing to use a fingerprint-encrypted drive (i.e., biometrics). How you manage what you know comes down to personal preference, but the first line of defense is not fail-safe. In fact, there are hacks and breaches all the time. (If you believe you were the victim of a hack, you can view two of your free credit scores on Credit.com for signs of identity theft.)

The second line of defense, “something you have,” could be access to an email account, a key fob or your mobile phone. You need to have your phone in hand, for instance, to receive the verification code so you can get waved through some digital security checks. This is called two-factor authentication — and, yes, it’s more secure than simply protecting accounts with an alphanumerical password.

The last line of defense, “something you are,” is a really hot topic right now. As I mentioned earlier, in sophisticated systems, this might include a scan of your retina, your finger- or handprints, your body weight (including ups and downs), your height, your face or all of the above. This information is clearly specific to you — and not so easily replicated — so again, it’s miles more secure that the old standard password or, even, two-factor authentication.

Needless to say, were you to implement a security protocol that combined all three of the above protocols of authentication, a.) criminals would have a really hard time making any money, but b.) we would all be frustrated.

Does It Have a Place in the Home?

Biometric authenticators have been the security mode for quite some time in the military and wherever large amounts of money or gold or drugs or weapons are stored, as seen in countless spy and heist movies, but they are slowly making their way into people’s homes.

From smartphones to gun lockers to personal computers, a steady march of devices is offering a biometric element for the user-authentication process. One example comes by way of a new secure credit card being tested by MasterCard in a chain of supermarkets in South Africa. The card is able to store an encrypted copy of the user’s fingerprint, which would make it exceedingly difficult for a scammer to beat.

(Would it be impossible to beat? As with all great capers, only the crooks know for sure. There was a flurry of coverage not too long ago about how photos of people flashing a peace sign could lead to the theft of their fingerprints, thanks to the proliferation of high-definition cameras. But fact-checking website Snopes listed the story as “Unproven,” and for good reason. While it is theoretically possible, no criminals have been caught doing it.)

Should I Run Out & Buy a Fingerprint Scanner?

Here’s the rub: You won’t really need to.

Unless you were born a long time ago, you may not know what an 8-track is. It came before the cassette tape, which preceded the CD, which is the grandfather of the MP3. When you want to make a point about obsolescence, there are few better examples than those clunky old tapes. I bring them up because current standalone biometric scanners are without a doubt the 8-track of digital security devices.

If you accept the similarity between biometric scanning devices and MP3 players, the answer to the question above will be crystal clear. These days, MP3s can be played by all the devices we use most. We’re seeing the same thing happen with biometric scanning.

Whether it’s a smartphone, a computer or Mastercard’s new fingerprint-encrypted cards, all stripes of products you use on a daily basis will eventually feature built-in biometric scanners. And, if you are buying something today and prefer devices with built-in (rather than bolt-on) security, don’t despair. There are already plenty of choices out there. Case in point: Anyone with the latest generation of a particular smartphone likely has the option of locking and unlocking the device with their thumb.

Personally, unless and until all devices that should be secure feature biometric scanners, I would suggest opting for those that do — much in the same way I’d advise you to refrain from using ‘1234’ as your password. You can learn more about biometric technology, how it works (and whether it can be hacked) here.

This story is an Op/Ed contribution to Credit.com and does not necessarily represent the views of the company or its partners.

Image: Michael Krinke 

The post Is It Time to Buy a Biometric Scanner? appeared first on Credit.com.

50 Money Moves to Make Before Graduation

If you’re a senior in college, or the parent of one, you’re probably counting down the days until graduation. But are your finances prepared for the big step? Don’t worry if they’re not — most students feel overwhelmed by the task of managing money. To give you the confidence you’ll need to succeed in the real world, we’ve compiled a list of 50 money moves to make before graduation.

1. Start Saving Those Pennies

And whatever else you can afford to squirrel away before you graduate. Retirement may feel like eons away — and in your 20s, it certainly is — but you’ll never regret having money for that freak car repair or hospital visit.

2. Find Out Whether You Have Private or Federal Loans 

The first step to paying off your student loan debt is to find out what type of loans you have. Private loans are issued by financial institutions, while federal student loans are issued by the government.

3. Find Out What You Owe & to Whom … 

Several loans may mean several servicers, and it’s not always easy to keep track of them all. To see what you owe for federal student loans and who services them, you can go to the National Student Loan Data System, select “Financial Aid Review” and accept the terms and conditions. Be sure to have your FSA ID handy or the information you need to create one. You can check your credit reports to see who services your private student loans.

4. … & When to Start Making Payments

Most federal students come with a six-month grace period, meaning you’ll have some time to work that monthly payment into your budget. Many private student loans offer the same option.

5. Complete Exit Counseling

Federal student loans require exit counseling when a student drops below half-time enrollment, graduates or leaves school. You can do this online in about 20 to 30 minutes. Exit counseling will inform you when your first payment is due.

6. Know the Costs of Deferring Federal Loans …

With some loans, like federal Perkins, you don’t have to worry about interest if you enter deferment. But unsubsidized federal or Plus loans will continue to gain interest, causing your balance to soar. Be sure to find out how much interest you’ll accrue if you decide to take this option and read up on how student loan deferments affect your credit.

7. … & the Dangers of Default

Failing to pay your loans as agreed can lead to default. That can take some time (270 days for federal loans, to be exact), but it’s something you don’t want to do. You’ll lose access to deferment, forbearance and a range of government benefits, as well as the ability to apply for more federal aid. You could also face collection activity, legal action and poor credit.

8. Don’t Fear Your Loan Servicer 

If you’re worried about making your student loan payments after graduation, be proactive and talk with your servicer. They may outline options you wouldn’t have thought of that can help you avoid missing payments.

9. Catalog Your Basic Repayment Options 

That way you’ll have a idea of what can be done if money is tight. The government offers income-driven repayment plans for various situations, although a longer term and lower payment may mean you end up paying more than you’d hoped. There are also deferment, forbearance and even student loan rehabilitation if you go into default. You can find a full list of options here.

10. Familiarize Yourself With Refinancing  

You’re unable to refinance student loans within the federal student loan system, and while doing so could help you secure a lower rate, it will change the terms of your loan. Also keep in mind that refinancing federal loans with a private lender means forfeiting government benefits.

11. Avoid Student Loan Scams 

There are a lot of people trying to make a buck off the confusion around student loans. Don’t get tricked into paying someone for things you can do for free, like consolidate your loans, change your repayment plan or submit student loan forgiveness paperwork. If you really need help, consider seeking advice from a reputable consumer protection or student loan attorney.

12. Learn the Basics of Credit 

Consumer credit is tricky to learn, but it affects your life immensely. A landlord could pull your credit report before deciding to grant you a lease, and an employer could check a version of your credit report as part of their hiring process. To grasp how credit affects your life, do some research. (We have plenty of credit explainers to help you get started.)

13. Start Building Good Credit 

Before you graduate, you’ll want to work on building your credit, especially if you have a thin file, as most students do. A good place to start is with a secured credit card, which requires a deposit that serves as your credit line. There are also credit cards geared toward students.

14. Check Your Credit Reports

If you’re an authorized user on a parent’s credit card or you’ve been using your own starter card since freshmen year, you may have established some credit. Your student loans can help you build credit, too. To see what you have, pull your free annual credit reports at AnnualCreditReport.com. You can also view two of your credit scores for free on Credit.com.

15. Dispute any Errors

Mixed files and identity theft are common occurrences. If you spot something on your credit reports — like multiple credit inquiries you didn’t make or an inaccurate address — be sure to dispute the error with the credit bureaus.

16. Know Warning Signs of Identity Theft 

From account withdrawals you don’t remember making to mysterious charges on your credit card, the signs of identity theft are usually easy to spot. This guide can point you to six other signs that you need to watch out for.

17. Shop for the Right Credit Card

Secured credit cards and student credit cards are designed to help you build credit, so look for the right terms and conditions. Be sure to check if the card has a low annual fee and competitive interest rates, and perhaps keep an eye out for features like rental car insurance and travel assistance. The best student credit cards tout rewards for smart spending habits.

18. Use Your Card Wisely 

Most credit card issuers report your activity to the three major credit bureaus (check before you apply), which can help your score improve over time. For best results, be sure to make your payments on time and keep balances low.

19. Pay Credit Card Bills on Time

Speaking of late payments, it’s a doozy of a move to pay your credit bills late. Doing this will drag down your score, result in fees and make you look irresponsible in the eyes of lenders.

20. Consider Upgrading Your Plastic

If you’ve been using a credit card responsibly since freshman year, you may be able to qualify for a better one. Next-level credit cards can include a higher credit limit, lower annual percentage rates (APRs) or rewards.

21. Know Other Options for Building Credit

Can’t stomach the thought of handling a credit card? You have options. Credit-builder loans are one, as are passbook or CD loans and personal loans. You can read more about how to build credit without going into debt here.

22. Draft a Budget for Your Money …

This will help you stay on top of your finances and plan for the best things (backpacking in Thailand) and the worst things (health scares). To make it feel like less of a burden, find the system that works best for you.

23. … & Your Time 

It may seem like you have a lot of it now, but time will fly once you’ve graduated. If you haven’t already, learn to budget your schedule so you have enough time for work and play. A balanced life can go a long way toward financial wellness.

24. Start Tracking Discretionary Spending 

Things like food and gas can quickly add up if you’re not being careful. By tracking this category, you’ll be sure not to go over budget and get a sense of how much you should put toward these items each month.

25. Watch for Irregular & Big-Ticket Items 

It’s always better to be prepared for a bill than surprised by it. Be sure to keep an eye on irregular expenses as you track your spending so you have an idea of how much you’ll need to set aside to cover them when they arise.

26. Open a Savings Account

What good is a rainy day fund if you have nowhere safe to store it? A savings account can help you do that and see what you have at a glance. When shopping for accounts, be sure to ask about interest, fees and conditions.

27. Start Paying Yourself  

Before you land a job, vow to pay yourself first. That means setting aside a portion of your paycheck or graduation gifts each month, and then budgeting the rest.

28. Consider a Side Gig

There are plenty of ways for full-time students to jumpstart their savings. Consider sharing your car, pet sitting, freelancing or tutoring during your downtime.

29. Sell Your Stuff

You can also make extra cash by selling used textbooks, dorm furniture and mint-condition clothing online.

30. Check Your Checking Account

If you’ve been using a student checking account, chances are that offer will expire. Check with your bank to see if you need to switch to a standard account.

31. Shop for Fee-Free Accounts 

With free checking accounts on the market, there’s really no reason to pay for one. If your bank happens to charge you a fee, ask to have it reversed or take your business elsewhere.

32. Open an IRA

If you have a part-time job, consider contributing to an IRA. You can find a full explainer on IRAs here.

33. Get a Health Insurance Plan

Under the Affordable Care Act, you can stay on a parent’s insurance plan until you are 26, with their permission. If you can’t get coverage through your parents or new employer, you’ll need to go through the government exchanges or face a tax penalty. Take time to research the options.

34. Automate Bill Pay …

You know the dangers of paying bills late, so why not streamline the process? By automating bill pay, you’ll never have to worry about missing a payment or getting hit with late fees.

35. … & Check Your Statements

You never know when fraud will strike, and you want to keep an eye out for new fees or fraudulent charges.

36. Sign Up for Alerts

Many banks and card issuers offer email or text message alerts that let you know when funds are low, balances are high or you’re in danger of missing a payment. These alerts can help you spot fraud and protect your credit before it’s too late.

37. Don’t Forget Your Rent 

Failing to pay your rent can torpedo your credit, and if you’re evicted, that will likely show up on a tenant-screening report. Worse still, if your landlord reports you to a debt collector, the collection account could appear on your credit report — and stick around for up to seven-plus years.

38. Sanitize Your Social Media Accounts

Your social media presence can work for or against you. So if you tend to post pics of getting sloshed every night, chances are future employers won’t like it. Think twice about what you post and do your best to keep it clean. You don’t want these things to jeopardize your financial stability.

39. Quit Smoking

And give up other vices. Not unlike drinking, smoking is a dangerous habit that can literally shave years off your life. It’s also expensive.

40. Track Down Your Documents

Make sure you have your Social Security card, passport, driver’s license and birth certificate since you’ll need to provide identification when you score your first job, apply for a loan and more.

41. Get Your Finances Under Wraps …

Keep sensitive documents under wraps, even at home, and never, ever share your credit or debit card information, especially PINs.

42. … & Stop Posting Pictures of Your Credit Card 

Your credit card may not display all the information hackers need, but you’ll be bringing them one step closer if you post pictures of your credit or debit card numbers online. Also, don’t send your credit number over email or text message. Even if you trust the recipient, there’s always the chance their account could be hacked (or their phone could be stolen).

43. Beef Up Your Passwords 

Aim to create passwords that no one can guess, and always combine upper- and lowercase letters with numbers, symbols and words not found in the dictionary. The more complex it is, the more secure you will be.

44. Check Your Email 

You wouldn’t leave your wallet on the New York subway, so why share your personal info by email? Avoid sending your Social Security number and any account information, and do your best not to store personal information in the event you get hacked. If something sensitive is in your inbox, delete it for good.

45. Get Scam-Savvy  

Never open an email that’s just a link, and if you’re in doubt, don’t click. If you know the sender, you can ask if the message is legitimate. But if something seems out of the ordinary, it probably is.

46. Get Frugal

Avoid the urge to splurge and get savvy as you gear up for graduation day. The next few tips can help you get started.

47. Learn the Art of the Promo Code 

Get in the habit of digging around for promo codes whenever you shop online. Who knows? You may save on shipping.

48. Start Checking Return Policies 

Shopping for your post-collegiate apartment? Read the fine print. No one wants to get stuck with a broken rice cooker.

49. Start Cooking at Home 

You don’t have to do it every day, but every bit counts. The less you eat out, the more you’ll save.

50. Start Buying Generic 

These products are often just as good as name-brand ones and cost a lot less.

Worried about going into debt after college? Don’t stress. Here are 50 smart ways to help you stay out of debt.   

Image: m-imagephotography  

The post 50 Money Moves to Make Before Graduation appeared first on Credit.com.

6 Easter Scams You Want to Avoid

Easter is a time for family, but there are six scams you'll want to watch out for.

Easter is a time for family, colorful parties and egg hunts, but sadly it also attracts scam artists looking to make a quick buck during the high-fructose corn syrup free-for-all.

There are all stripes of Eastertime cons and scams waiting for you if you’re not paying attention — or even if you are. Some don’t really qualify as scams, whether we’re talking about those colorful plastic eggs for storing treats, sometimes loaded with lead paint, that old favorite Kinder Eggs, now illegal due to choking hazards, or folks selling bad chocolate. First and foremost, you need to be a savvy consumer.

But awareness isn’t such an easy thing when there are so many ways a person can get scammed. Here are six scams to watch out for.

1. Charity Scams

Some people say Easter was originally a pagan holiday to celebrate fertility, which explains the eggs and bunnies, but it’s primarily a religious holiday, and as such there are plenty of scams out there pointed at spiritually minded people looking to make the world a better place.

If you get an email from a charity, even if it’s one you’ve given to in the past, don’t click any links. Type in the URL or find it through search and make sure the address is correct. Scam sites will often be slightly different than legitimate ones. And although this should go without saying, never give a donation over the phone if you receive an unsolicited solicitation. Call the charity, or use a secure site to make your contribution rather than providing your information by phone, or send a check.

2. E-Cards

As I’ve said ad nauseam, including in my book Swiped: How to Protect Yourself in a World Full of Scammers, Phishers and Identity Thieves, never click strange links or download files you receive — even e-cards that appear to be from loved ones or friends. E-cards can mask links to malware.

3. Cute Meme Scams

The same thing goes for all the cute stuff you get via email this time of year. Before you click on the link below a message, ask yourself: Is it worth hours of hassle getting a virus off your computer or causing malware to install ransomware or a keystroke logger on your machine that gives a crook access to every financial account you visit on your computer?

4. Pet Scams

For better or worse (usually worse for the animals), adorable pet babies are a gift idea associated with Easter. In addition to the question as to whether unexpected livestock or woodland creatures are a good idea, if you’re going to go pet shopping for the holiday, beware that scammers are lying in wait to grab your money and disappear into thin air. Whenever buying a pet, do it in person.

5. Airline Scams

Easter Week is often during a school recess, and many people try to book last-minute travel. Be very careful when booking flights. Take the time to determine whether or not it’s a scam. For starters, only do business with a secure (look for the padlock next to the URL) and well-reviewed site, and make sure the address is correct. (You can see more tips for surfing the internet safely here.) Also take the time to read and understand the privacy policy.

It could be that you receive an email or a phone call informing you that you have a chance to cash in on a big win: Free airline tickets. There have been several attempts to contact you about the tickets (you won them through a sweepstakes you have never heard of, in which you were automatically enrolled when you purchased some product or service you can’t recall, and you’re going to lose the tickets if you don’t act quickly. There are certain requirements. But meeting those obligations will cost you far more than the alleged free tickets.

6. Last-Minute Vacation Rental Scam

The scam happens when a thief finds a rental property online and uses the details to create his or her own website and listing. There may even be bogus five-star reviews, and the deal will sound particularly affordable, possibly due to a one-day-only internet sale. You book the listing, pay either by credit card or wire transfer, and pack your bags.

Here’s the problem: When the time comes and you show up for your vacation, that’s not your condo. It’s not just a matter of bait and switch, where the gorgeous property on the website doesn’t exactly live up to the reality. In this case, the property is very real and even very beautiful … but you didn’t rent it. There may even be another family inside. You now find yourself on vacation with nowhere to sleep, and your scammer is nowhere to be found.

Tip: Whenever you’re booking a rental property — for any reason, not just a beach getaway — there’s a sneaky little trick you can use to verify the authenticity of the listing and the property. Instead of emailing, call the person, but first do an online search for other businesses in the area surrounding the property, then ask the contact some specific questions to which you’ve already figured out the answers. How far is it to the nearest beach access? Where is the nearest restaurant with a kids’ menu? How far are we from an emergency room in case someone in our group gets hurt?

The thing about an Easter sugar high is that it makes you happy, and then you crash. When it comes to these scams, it’s all crash and no high. If you have reason to believe you’ve been the victim of a scam, don’t brush it off. You can check for warning signs by viewing two of your free credit scores on Credit.com.

Image: FatCamera

The post 6 Easter Scams You Want to Avoid appeared first on Credit.com.

Credit Bureaus Announce Free Credit Freezes for Military Members

Active-duty military members are given a number of financial protections, and the major credit reporting agencies just added one more perk to that list.

Active-duty military members are given a number of financial protections that average consumers aren’t privy to, and this week the major credit reporting agencies added one more perk to that list — free credit freezes.

The move was announced Wednesday in a release from the Consumer Data Industry Association, a trade group that represents the major credit reporting agencies. Experian, Equifax and TransUnion are all participating in offering free credit freezes for active-duty military, which is expected to roll out in the first half of 2018.

Freezes are a tool used for identity theft victims to stop their credit from being used without their permission. It essentially blocks anyone from opening new lines of credit using the consumer’s identity, unless the consumer has the freeze temporarily lifted or removed.

“Given the nature of the military lifestyle, with frequent location moves and overseas deployments, these brave men and women, and their families, may find it particularly challenging to address an identity theft situation,” said Eric J. Ellman, Interim President and CEO of CDIA.

Placing, lifting or removing a security freeze can cost up to $10 each time, depending on the state you live in and the bureau offering it. Active-duty military members already can place a one-year credit alert on their file for free, though this will not stop a new application for credit by default like a freeze would. The alert just requires the lender or creditor to take extra measures to ensure the applicant is legitimate.

Identity theft can do major credit score damage both upfront and in the long term. An identity thief with enough information to apply for credit in your name can make a bunch of applications for credit in a short period of time before you notice the theft. That will cause an immediate drop in your score by inflating your inquiries. And if the theft goes unnoticed, any new accounts that they’ve opened will go without payment, sinking your score even more.

The move by the bureaus to offer free credit freezes is especially important when you consider the long-lasting impact of identity theft on military members and veterans. Buying a home, getting credit cards, even starting a business (9% of U.S. businesses are veteran-owned, according to the Small Business Administration) are extremely difficult to do with a bad credit score, and identity thieves with personal information like your Social Security number can lie in wait for years since these numbers rarely change, hurting servicemembers long after the theft has occurred.

The best protection against identity theft is vigilance. Keep an eye on your credit reports and scores, checking for signs of identity theft. (You can see two of your credit scores for free right here on Credit.com.) Keep your personal identifying information on lockdown. And if you still find your information being used fraudulently, credit alerts or freezes can help keep you safe.

Image: AleksandarNakic

The post Credit Bureaus Announce Free Credit Freezes for Military Members appeared first on Credit.com.