Everyone wants to know that their banking information and other financial data is safe from online fraud. Nobody likes losing money to thieves. Small business owners have to be especially careful about protecting their money online, as they often have to complete important purchases to secure the supplies their businesses need to keep going.
Wondering how to protect your money online as a small business owner (or even as an individual)? While there’s no perfect solution for safe shopping online, there are a few money safety tips that you can follow to avoid risk and better protect your money.
One of the most important things to do to ensure safe web browsing and secure shopping is to get to know what kinds of threats there are to your financial data. So, here’s a quick overview of a few different things that can pose a threat and how to protect your money from them:
How to Protect Your Money from Card Skimmers
Not all crooks use online tricks to breach your credit card protection. Some fraudsters like to use credit card skimmers on public credit card terminals in gas stations, department stores, and ATMs to copy credit card data for later use.
These skimmer devices are installed in or on public credit card readers and attempt to read the magnetic stripe or RFID on a credit card—or even take pictures of the card number as it is being used.
There are a few things that you can do to thwart or avoid credit card skimmers and practice secure shopping, such as:
- Inspecting credit card readers. Before using a credit or debit card reader, take a moment to check it for signs of tampering—such as scratches around the reader, broken seals, or the credit card slot looking different from other readers around it (added bulk/lights could indicate that a skimmer is installed). If you think the reader has a skimmer on it, don’t use it!
- Keep your credit card from leaving your sight. For manual transactions where a store employee handles your card, try to keep the card from leaving your sight whenever possible. This helps prevent the card from being passed through a skimmer or card copier out of your sight. There are situations where this can be difficult, though you can always ask the employee to bring the DataPhone to where you are or you can go to where the DataPhone is.
- Use chip readers when available. While still not perfect, chip readers tend to be much more secure than standard magnetic stripe readers—and are more difficult to “skim.” So, when available, consider using a chip reader rather than a magnetic strip slide reader.
These are just a few basic credit card protection measures that can help you thwart a skimmer.
How to Protect Your Money from Phishing Attacks
Phishing attacks are a common attack strategy where a cybercriminal sends a message to their intended victim— trying to trick business owners into giving banking information, approving a phony invoice, or surrendering usernames and passwords so they can log into and “fix” something wrong with their online shopping accounts. These messages might arrive via emails, social media posts, or instant messaging apps (just to name a few options).
The classic example of a phishing scheme is the laughably-obvious “Nigerian prince” email scam. It’s the one where a random prince would email you saying that they would transfer money to your account so they could avoid some tax or other issue—if only you would send them your banking information (such as your routing number) so they can complete the transfer.
However, modern phishing schemes are a bit subtler than this AOL-era scam. To protect your money from modern scammers, you’ll want to follow a few anti-phishing cyber security tips:
- Always Verify Sender Identities. Some phishers like to imitate people you know to try and trick you into approving an invoice, surrendering information that you wouldn’t give to a stranger, or into downloading an attachment with malware in it. So, when receiving requests for money or account information, always check the identity of the sender before approving anything. You can do this by verifying sender addresses and checking them for typos (such as firstname.lastname@example.org versus Damien@yourcompanyname.net) or by reaching out to the person and asking them if they sent that email directly (using a different communication channel, not by responding to the email or message). It only takes a minute and can save you from online fraud.
- Check for Typos and Grammar Errors. Errors in the message can be an indication that the sender is not a real vendor or employee at your company. Real vendors tend to spell check their documents to avoid creating unintended loopholes in agreements, so grammar errors and typos are often signs of an impostor. Of course, if you know the sender to have bad grammar/spelling in general, then an unusually well-written email/message might be your giveaway instead.
- Keep Detailed Records of Your Transactions. Phishing attempts frequently rely on someone not being aware of the status of their accounts payable to approve a phony invoice. By keeping a record of your outstanding invoices and their due dates (and referencing it when receiving emailed reminders), you can avoid paying a fraudulent invoice.
On a related note, there’s another type of phishing to watch out for called “vishing,” or “voice phishing.” Here, the crook will attempt to use a voicemail or direct communication to trick you into taking an action that can compromise the security of your banking information or other financial data. It’s generally a good idea to take requests for credit card numbers or banking app access information with a grain of salt—especially if you weren’t the one to call the other person.
How to Protect Your Money from Fake Smartphone Apps
Smartphone apps can be incredibly convenient for the business owner on the go—allowing them to communicate with employees, manage purchase orders, pay bills, or check banking information from virtually anywhere.
However, some criminals know just how much people have come to rely on smartphone apps for their day-to-day lives (and for recreation through gaming apps). So, they have learned to make malicious software apps that imitate popular gaming, banking, shopping, or business applications in the hopes that others will mistakenly download them. Once downloaded, the apps urge users to surrender sensitive data—such as banking information, credit card numbers, or login information for other accounts.
When looking at smartphone apps, be sure to practice secure shopping by sticking to your device’s official app store. Additionally, check the name of the app developer in the store listing to make sure it matches the name of the organization the app is from. It can also help to set some purchasing controls on your smartphone—such as requiring a password to be entered before allowing the download of any new software or the completion of an “in-app purchase.” This helps to limit the risk of an app being able to charge you money without your consent.
How to Protect Your Money if Your Financial Information is Compromised
Even when following the best advice for protecting your banking information and other financial data, there is always a chance of compromise. If this happens, don’t panic. You can still take steps to prevent further loss.
First, if your banking information was compromised, it may be necessary to put a freeze or hold on the affected account and/or change the account’s routing number. This helps to keep the fraudster from being able to take more money out of your account. Likewise, compromised credit cards should be cancelled and reissued with new numbers. In either case, you’ll need to notify your bank.
Second, when talking to your bank or credit card company, ask about reversing the charges. Though they may not be able to recover all of your money, they may be able to reverse some of the charges for you. If you don’t ask, you may never know. When talking to your bank/credit company, be sure to provide as much detail about the fraud as possible.
Finally, you may want to file a complaint with the Federal Trade Commission (FTC). Although this does not guarantee a recovery of your stolen money, it helps the FTC discover online fraud and fraudsters so they can investigate the fraudulent activity. This can help protect other consumers in the future.
Need help detecting fraud and computer security problems? Check out our threat intelligence tool that can help you spot problems early!