How to Manage Internet Security Risks to Your Credit Card

Online shopping makes it easy to browse at multiple stores, wherever and whenever we want, to find the right items at the right prices. What’s more, loyalty programs, online shopping portals, and cash back apps can make it a breeze to earn rewards and receive a percentage of what you spend back in cash.

But downsides exist, too. From phishing email scams to scams targeting the elderly, it’s important to understand the cybersecurity risks associated with shopping online. Luckily, card issuers and merchants can take multiple steps to protect your credit card information. In addition, you can take several steps to protect yourself against online security threats and safely manage your personal information.

Credit card companies recognize that consumers face numerous cybersecurity threats when they shop online. Fortunately, many companies can help protect you against credit card fraud, offer ways to monitor account activity, and secure your account through features such as multifactor authentication to verify your identity – for example, texting a code to your known mobile phone number. When applying for a credit card, make sure to compare the security features and customer service options available to you.

Meanwhile, merchants can help protect your personal information by using secure websites – they start with https: – or supporting payments through digital wallets (more on digital wallets later).

In addition to the ways card issuers and merchants aim to help keep your card and personal information safe, there are also several steps you can take to prevent credit card fraud, protect your card information from cybersecurity attacks, and safely shop online. Some tips involve keeping technology up to date, while others require keeping a close eye on account activity.

1. Go directly to the store’s website. While fake emails that impersonate brands will usually end up in your “spam” inbox, some may not. So it’s wise not to click on any links within an email or text message – especially if you don’t remember signing up to receive messages from that merchant. Similarly, if you want to take advantage of a discount code mentioned in the message, go directly to the merchant’s website or mobile app and enter the code at checkout.

2. Use a private device. When entering your credit card information to make a purchase, your personal laptop, tablet, or smartphone offers more security than a public computer. Many websites save login information, leaving it available for the next user. In addition, criminals who use public computers may install spyware that secretly records keystrokes to gain access to credit card numbers.

3. Use a secure connection. As with devices, a private, password-protected Wi-Fi connection is more secure than a public network, where it’s easier for criminals to access other devices on the network. Using a virtual private network (VPN) can also help to prevent unauthorized users from gaining access to your network and your data.

4. Keep device security up to date. Make sure your phone, tablet, or laptop has the latest version of its operating system installed, as it will offer the best protection against the newest cybersecurity threats. Keeping antivirus software current, as well as using the newest version of your Internet browser of choice, will also provide up-to-date protection. For additional protection against identity theft, consider setting up biometric identification – perhaps your thumbprint or face – which will make it more difficult for someone else to unlock your personal device.

5. Use strong passwords. For any online services that store your credit card information, use long passwords that include a mix of capital letters, numbers, and special characters. It’s also important to use different passwords for each website and change them regularly. A recommended best practice is every three months.

6. Set up multifactor authentication. This security feature is increasingly common for websites, apps, and services that ask you to verify your identity two different ways. After you enter a password, the website will send a code to a separate device using text, email, or voicemail. Alternatively, you may be required to retrieve a code through an authenticator app. Either way, you must enter this code to access the site.

7. Create a digital wallet. A digital wallet is a form of contactless payment that sends a merchant a token – not your credit card number – when you make a payment. Every transaction uses a unique token. Digital wallets are a secure way to make online purchases, and they also offer protection against physical security threats, such as credit card skimmers or cameras set up to watch you enter your PIN.

8. Review credit card statements regularly. The more frequently you look at your credit card statements, the more likely you are to spot fraudulent credit card activity or unauthorized transactions. If any charges don’t look familiar, search online to confirm the name of a merchant. Keep in mind the name of an individual store may be different than the name of the company that owns the store. Look at every charge, not just the biggest ones – many criminals will start with charges as small as $1 to “test” that a credit card number works before moving on to larger purchases. It’s also a good idea to regularly check your credit report and look for unauthorized inquiries, which may indicate that someone has obtained your personally identifiable information.

9. Download your card issuer’s app. Using your credit card company’s app is more than an easy way to transfer money, use rewards points, or get exclusive offers. Mobile apps let you review account activity, set purchase alerts, freeze a card, or chat with customer service. This can help you manage credit card risk on your terms, using the device that you keep close by.

10. When in doubt, reach out directly. If you receive any messages from your credit card company that look suspicious, whether by phone, email, or text, do not respond. Instead, reach out to the credit card company directly. Common suspicious messages could include an offer for a lower interest rate, a need to verify contact information, or a potential overcharge that needs to be fixed.