The internet is essential to modern living, but it doesn't come without some serious drawbacks. "There are a lot of evil people out there," says Eric Cole, a cybersecurity expert and author of the book "Online Danger: How to Protect Yourself and Your Loved Ones From the Evil Side of the Internet."
Among those unsavory individuals are criminals intent on stealing personal information or depleting unsuspecting victims' bank accounts. Cole says many people make the mistake of thinking they aren't important or rich enough to become the target of a hacker. However, criminals typically aren't looking to steal a significant amount of money from one person. "They are after a $10 or $20 hit from millions of people," he explains.
That means you could be vulnerable to identity theft or fraud. Protect yourself from becoming an easy target by recognizing these 10 common mistakes and following expert-approved tips to dodge financial fraud.
1. Using the default password on your router. You might think your home router is safe inside the confines of your walls, but savvy criminals can still compromise it to gain access to your home network. "One of the most basic steps [you] can take is to change the default password," says Trevor Buxton, fraud awareness and communications manager for PNC Bank. "Those default manufacturer passwords are out on the web." As with other passwords, the one you use for your router should be unique, strong and include a variety of numbers, letters and symbols.
2. Failing to diversify your account passwords. Another common mistake is using a simple password – such as "12345" – that can be easily cracked by software programs. It's also a mistake to use the same password across multiple sites. The danger is that a password cracked on one site can give criminals access to your accounts across the web. If remembering long passwords proves to be a challenge, password managers such as Dashlane ($3.33 per month for a premium plan) and Keeper ($29.99 per year) can create and store unique, strong passwords for each website.
3. Checking sensitive accounts on public Wi-Fi. "Public Wi-Fi is so widely available, and it's so convenient," says Brett Hansen, vice president with Dell Data Security. However, people need to realize public networks are not secure. "You are at risk of someone intercepting your traffic." When that happens, a hacker can glean passwords or other sensitive data you may be transmitting.
The easiest way to avoid this danger is to download a virtual private network, or VPN service, onto your computer or device. A VPN will encrypt data before sending it over the internet.
4. Trusting your bank app's default settings. Cole says people should take particular care when using banking or financial apps. "A lot of these banking apps are not as secure as you might think," he says. It's not that the apps lack security features, but rather that they are turned off by default in order to keep them convenient and easy to use.
For instance, two-factor authentication, which requires users enter a texted or emailed code, may be available to ensure secure logins, but is often not turned on automatically. Likewise, credit card companies may have an automatic confirm feature that sends a text to cardholders after every purchase, but that too may be turned off by default. This feature allows consumers to receive notifications every time a card is used, so they will know immediately when a suspicious transaction posts.
5. Believing a debit card offers the same protection as a credit card. This mistake isn't one that opens you up to fraud, but can make the situation worse once you're a victim. Federal law stipulates cardholders are only responsible for $50 of unauthorized charges made with a credit card. However, people may have to pay up to $500 in unauthorized debit card transactions if an institution isn't notified within two days of the card loss or theft. If the bank isn't notified within 60 days, a person can be held responsible to pay any and all unauthorized charges.
Cole says some banks will only charge $50 for unauthorized transactions made with their debit cards. However, even in that scenario, people won't immediately get refunded the money as they would with a credit card. "With a debit card, you're out the money while you fight it," he says. That means you won't see the cash back in your account until after you dispute the transaction and your bank completes its investigation, which could take up to 10 days for an established account and 20 days for a new account.
6. Entering the same credit card number everywhere. This is another error that can cause significant inconvenience once a person becomes a victim of fraud. Use separate credit cards for dedicated purposes, such as travel or groceries. That way, it will be easier to identify the source of fraud and correct the problem once it occurs.
Cole says it's not a question of if, but when a credit card will be compromised. When that happens, damage control will be easier if card information only has to be updated on one or two accounts, rather than on every website you use.
7. Ignoring your child's credit profile. It's not just your own personal and banking information you need to protect. "I think people overlook the vulnerability of their child's credit profile," Buxton says. A child's Social Security number can be compromised the same as an adult's, and fraudulent accounts opened in a child's name might be missed for years, though there can be warning signs, such as an influx of credit card offers in a child's name.
According to Buxton, the best defense is to freeze a child's credit with each of the three major reporting bureaus: Experian, Equifax and TransUnion. "The day my son got his Social Security Number, I put a freeze on his credit profile," he says.