10 Best Ways to Protect Yourself From Financial Fraud

Banks, credit card companies, the government, and all sorts of agencies are constantly trying to find ways to keep your money and data safer.

But scammers never seem to be too far behind.

A 2023 Ipsos poll, conducted on behalf of Wells Fargo, found that almost one in three respondents (31%) have been victim to an online financial fraud or cybercrime. Moreover, while nearly three-quarters of Americans feel they’ve taken the appropriate steps to combat being scammed, nearly half (48%) think they’ll become a financial cybercrime victim in the future regardless.

While it’s true that there’s no 100% foolproof way to prevent yourself from falling victim to a financial scam, you can stack the deck significantly in your favor by taking a number of commonsense steps.

Today, I’m going to go over some of the easiest, most effective ways to protect yourself from financial scams. By taking the proper precautions, you can still enjoy the convenience of modern-day banking and shopping without leaving yourself completely vulnerable.

How to Keep Your Money Safe

I get it. I think we all wish we could take the path of least resistance and spend without a second thought. Having to remain vigilant every time you log into your bank account, use a gas pump, or hand your credit card over at a restaurant—every single day—is downright exhausting.

But you know what’s more exhausting? Untangling your financial life after you’ve fallen victim to fraud.

Depending on the scam, you might not be able to get your money back. Or if you can recoup your funds, you can do so only after a long process involving a lot of forms.

It might take effort, but your best bet is still to try to prevent getting hit by a financial scam rather than having to clean up after one. These simple tips can help you do just that.

1. Use Credit Cards More Than Debit Cards

As a general rule, it’s safer to pay with a credit card than a debit card.

Let’s say your credit card information is stolen. Under federal law, your responsibility for unauthorized charges is limited to $50, assuming you report the charges within 60 days. Many major credit card companies won’t even charge you that amount; card issuers frequently offer zero liability, meaning as long as you report fraudulent charges promptly, you won’t be responsible for any of them.

The laws for debit cards leave less room for error. Per federal law, your maximum loss is $50 if you report a lost or stolen debit card within two business days after you discover it has gone missing. That’s a pretty short window. If it’s more than two business days, but within 60 calendar days, the maximum loss is $500. If you make the report more than 60 calendar days after a statement is sent to you, you might lose all of the money taken from your account (and possibly more if you have linked accounts).

Because your debit card is directly linked to your bank account, debit card theft can cause additional issues. If money is stolen, your account might not be able to cover bills that are automatically paid from that account. So you could either face overdraft fees, or late or missed payments, which could harm your credit score.

Related: ‘Dirty Dozen’: 12 Tax Scams to Watch Out For [And How to Avoid Them]

2. Review Bank + Credit Card Statements

It’s hard to detect fraud if no one’s looking!

Routinely check your bank and credit card statements for unauthorized purchases. Even if your physical card hasn’t been stolen, your card’s information might have been—and could be used to make online purchases. Also remember: You need to promptly report fraudulent charges so you aren’t found liable. And don’t just look out for large, suspicious activity—some scammers refrain from making big, immediate purchases. Instead, they’ll make small purchases over time so the theft isn’t obvious, then strike when it’s clear no one is monitoring the account.

Stolen information isn’t the only reason to check your accounts, either. You also need to look out for human and technological mistakes. A restaurant might have misread (and mis-entered) a much larger tip than you left. You might still be getting charged for a subscription you thought you canceled. Maybe your credit card company charged you a late fee even though you thought you paid on time.

And beyond spotting fraud and mistakes, regularly checking your financial statements gives you a better idea of where your money is going. That’s a basic building block of successful budgeting.

WealthUp Tip: Enable push notifications for mobile banking apps and credit cards. Often, you can get notifications for every transaction or set notifications for over a certain dollar amount. This helps you notice any fraudulent charges right away.

Related: Top 15 Cities With the Highest Minimum Wages

3. Check Your Credit Reports

Similarly, you should check your credit reports regularly—at a minimum, annually. You can get a free copy of your credit reports from the three major credit reporting bureaus—Equifax, Experian and TransUnion—every 12 months from annualcreditreport.com. 

Checking your credit report can reveal a number of negative weights on your credit score, including fraud.

Recently, Consumer Reports asked thousands of participants to check their credit reports and respond with their results. Nearly half of the respondents (44%) found at least one error on their reports, and of those, more than a quarter (27%) were “serious enough to potentially affect their creditworthiness.”

According to the Consumer Financial Protection Bureau (CFPB), some of the most popular credit report mistakes include:

• Misspelled name; incorrect Social Security, address, or phone number
• Credit accounts and loans you didn’t open
• Accounts incorrectly listed as late or with wrong balances, credit limits, or delinquency dates
• Closed accounts listed as opened or accounts listed multiple times
• Accounts not correctly marked as “current” when payments were subject to relief from the COVID-19 pandemic

Whether you discover that you’ve become a victim of identity theft or other fraud, or simply that your report has errors, you can find fixes to these problems—but doing so can take time. So the sooner you catch fraud and mistakes, the better.

Related: Do Installment Loans Build Credit?

4. Avoid Phishing Scams

Phishing scams target people through email, text messages, or messages over social media, to get them to click a link or open an attachment.

For instance: A scammer might send you a text message claiming to be from your utility company. The text says there’s an issue with a recent payment, and that you need to click an included link so you can update your payment information. When you click the link, you might be sent to a fake page where the scammer hopes you’ll input sensitive personal financial information, or your device might download malware that gives the scammer control.

Fortunately, there are a few tell-tale ways to differentiate phishing scams from legitimate notices. Be on the lookout for the following:

• Misspellings and poor grammar in the body of the email.
• Sender email addresses that seem legitimate, but are slightly misspelled. (For instance, …@faceboook.com or …@facebo0k.com.)
• Dramatic or urgent language demanding immediate action
• Requests for financial or other personal information
• Shortened, untrusted URLs
• Generic greetings, such as “Dear Customer”

If you receive an obvious phishing attempt, you can simply mark it as spam and ignore it. But what should you do if a message is very convincing and you’re not sure whether it’s legitimate? For instance, what if you get a realistic email purporting to be from your utility company saying you’re late on your payment? Either open a new browser tab and directly navigate to your utility company’s website (in other words, don’t use the links in the email), or directly call the company, to determine whether they actually sent the email.

Want to help fight scammers? You can forward phishing emails to the Anti-Phishing Working Group at reportphishing@apwg.org or forward texts to SPAM (7726). You can also report the scammer to the Federal Trade Commission (FTC) at ReportFraud.ftc.gov.

Related: Don’t Believe These 17 Social Security Myths

5. Create Strong, Unique Passwords

Coming up with original, complex passwords for every online account might be annoying, but it can keep you safe from hackers. 

The FTC recommends making your passwords at least 12 characters long or using a passphrase (several words separated by spaces) of random words. It’s also helpful to mix in both uppercase and lowercase letters, as well as numbers and symbols. And many websites will automatically require some of these criteria—for instance, they might require a 12-character minimum with at least one number and one symbol.

Worried you’ll forget your new complicated passwords? You can either have your web browser remember your passwords, or you can use a third-party password manager.

And in the event of a data breach, change your password(s) as soon as possible.

If a website requires you to pick from security questions and provide answers, avoid questions with very limited answers and anything that’s answerable by public information that’s easy to look up online. For instance, if you’ve lived on the same street your whole life, avoid the question “What street did you grow up on?” as your acquaintances would know the answer, and the information would be simple for strangers to dig up.

Related: 9 Financial Mistakes That Can Quickly Drain Your Retirement Savings

6. Use Two-Factor Authentication

Even if you have a complex password, it can be compromised through phishing attacks, data breaches, and other methods. So when it comes to financial accounts or accounts where you store financial information, you might want to take a step up from a simple username and password.

Two-factor authentication (2FA) is a security standard that requires two types of identification to access an account. For instance, once you key in a password, you might also need to enter a PIN, answer a security question, pass a facial recognition test, or provide a one-time verification code sent by text, email, or an authenticator app.

I’ll be honest: Sometimes, I find two-factor authentication kind of annoying. It adds a little extra time to every login. But you don’t necessarily have to use 2FA for every single app—just use it for important accounts, like your bank, peer-to-peer payment apps, crypto accounts, etc.

But while it may not be necessary to use two-factor authentication for every single app you have, it’s wise to do so for financial apps—banking apps, crypto accounts, peer-to-peer payment apps, etc.

Note: Some apps and websites offer 2FA but don’t make it the default option. You might need to go to account settings and enable it.

Related: The 13 Best Mutual Funds You Can Buy

7. Don’t Store Credit Card Information for Infrequent Purchases

Sometimes, you have to decide between convenience and financial safety. 

Let’s say you make a food pickup order with a store-specific app. It populates a checkbox asking whether you want to save your credit card information for a faster checkout process next time. If this is a restaurant you rarely order from, don’t bother saving your information, and instead just manually type it in next time.

The concern here isn’t that someone will steal your phone and order themselves some food. (Although, if you have children in the home, this could happen to you!) The worry is that, if the app becomes the victim of a data breach, your credit card information might be stolen and used to make fraudulent purchases. Thus, the more sites that have your data, the higher your risk of having it stolen.

Ideally, you shouldn’t let any website store your credit card or bank information, but for many people, this decision is about finding a balance between convenience and safety. A good middle ground is to only keep your information stored in the handful of sites where you most frequently pay bills or make purchases. 

Note: If a retail website lets you use a credit card from your digital wallet, this is a safer option as the merchant won’t gain access to your card’s information.

Related: 20 Expenses to Cut From Your Budget in 2024

8. Limit What You Share on Social Media

You can easily put yourself at greater risk of being scammed on social media. Data shared by the FTC shows that about a quarter of people who reported losing money to fraud between 2021 to fall 2023 said it started on social media. 

Social media scammers work in myriad ways. For instance, you might get a generic-sounding message about a job opportunity or lucrative investment that turns out to be completely fake. You might buy something after clicking on a link on social media, only to never receive the product. Or someone who has hacked an old friend’s account might reach out to you, pretending to be the friend, to ask for money or sell you something.

A friend recently told me about seeing a post from one of her friends. The post said she was selling the possessions of a deceased parent. They were offering great deals on big-ticket items, including a car and an all-terrain vehicle (ATV). Anyone interested was told to send an initial payment over Venmo to show they were serious buyers. 

It was a scam. Someone had hacked the friend’s account. Thankfully, the hack was discovered before anyone sent any payments. 

In short: If someone you think you know reaches out on social media with an odd request or a sudden need for money, ensure it’s really them before sending money or even sharing any personal information. (For instance, you might text them to ask whether they had just reached out to you on the social media site.)

By the way: If you share a lot of information on social media, fraudsters might not even need to hack your financial accounts. Do you make a post every year announcing your birthday? Did you post a picture of your mother and use her full maiden name? Perhaps you posted a video of your child playing in the front yard and it shows your street name in the background. This type of information sometimes can be enough for scammers to answer your security questions. So be very careful about anything you share on social media.

Related: The Pink Tax: Why It’s So Expensive to Be a Woman

9. Protect Yourself Against Card Skimmers

A card skimmer is a device installed on or inside an ATM, fuel pump, or point-of-sale terminal that illegally captures card data. Scammers use this information to create fake cards, which they in turn use to make unauthorized purchases or steal from people’s accounts.

Unfortunately, this type of financial fraud isn’t just popular—it’s on the rise. Based on FICO data, the number of U.S. debit cards skimmed went up 77% year-over-year between the first half of 2022 and the first half of 2023.

The good news is that there are a few ways to protect yourself:

• Before getting gas at a pump, check to see if the card reader looks like it has been tampered with or seems loose. You can also compare the card reader to nearby pumps to see if it looks different. If anything feels off, avoid that pump and notify an employee of your suspicions. If you’re not in a rush, you can opt to pay inside.
• Only use ATMs in well-lit areas, preferably indoors, as these are less likely to be targeted. 
• Pay using either a chip or contactless technology. Skimmers grab information via your card’s magnetic strip.
• Pay with credit instead of debit.
• Turn on notifications for your credit and debit cards that activate when you’ve spent above a (preferably low) threshold.

Related: Stop Shrinkflation! 10 Products Affected + Tips to Save Money

10. Don’t Give Callers Your Personal Information

If you receive a phone call requesting personal and/or financial information, be on alert. The person who called you might be a scammer. 

Scammers pretend to represent a variety of places—your credit card company, your health insurer, the IRS, the Social Security Administration, and so on. More often than not, they’ll aggressively try to get you to divulge personal information or financial account data. But in almost all situations, these companies and organizations won’t call you to get this information. So if you’re ever worried that a call might be legitimate but you’re scared to provide the information, hang up and directly call your credit card company, health insurer, etc., at their listed phone number, and ask to confirm whether they needed said information.

For the record, there are situations where it’s much safer to share your information over the phone. For instance, if you call an organization or business—say, a local pizza parlor you’ve frequented for years—you know that they’re a legitimate business, and you know they’ll ask for your credit card information to finalize your order. The important difference is that you’re calling them and know who you’re talking to.

To limit fraudulent calls, consider adding your phone number to the National Do Not Call Registry. 

Related: 

• Child Tax Credit FAQs [What Every Parent Needs to Know]
• 13 Dividend Kings for Royally Resilient Income
• Retired But Too Young for Medicare? Health Insurance for Early Retirees