Shopping online means convenience--and risk

We live electronically now. Our banking is online. Our friends and family know from our social media posts what we are doing on vacation. When we’re job-hunting, we start the process with an online application.

We can shop for almost everything via the web. My neighbor pays with her smart watch when she takes her son out for ice cream.

Along with that convenience comes risk. Serious risk. It doesn’t take much for a cyber thief to prey on us while we are innocently doing our Christmas shopping on well-known websites.

I always thought I played it safe. I never use my cell phone to order or pay for anything. I use only my secure internet connection at home for online banking or shopping. I use credit monitoring services and constantly change passwords.

As safe as I think I am, two things happened recently to make me re-evaluate my personal cyber security.

Huge Equifax data breach

The $425 million settlement of the 2017 Equifax data breach, which exposed the personal information of 147 million people, was announced. It means that if you were affected, you are eligible for credit monitoring or possible cash reimbursements if you already use a credit monitoring service. Check out equifaxbreachsettlement.com to see if you were affected, then follow the simple steps to process your claim. I verified that I was on the list, so I followed the directions and a check is coming my way.

The other thing that happened was the arrival of a letter, supposedly from a bank that offers an affinity credit card with a shopping website. I’ve had a credit card with this bank for over 25 years and have also shopped on the site.

The letter asked for information verifying my name, date of birth, social security number, and physical address, and directed me to fax the information within 30 days or my credit card account might be closed.

The mailing was well done, containing the correct logo, bank address, and the last four digits of my credit card. The envelope looked like it was presorted and posted like any other commercial mailing. It looked authentic.

Having worked in financial services for over 35 years, I recognized the letter for the scam it was. Everything it wanted was what a cyberthief would need to open accounts in my name. As a longtime customer of the bank, I knew it didn’t need any information from me.

What to do--and not do

What do you do when you get something like this?

The first thing you should do is call the customer service number on the back of your credit card. I spoke with a representative of my credit card provider, who is closing out the old card and issuing a new one with a new number.

Do not call the customer service number on the letter. If you do, you are speaking to the scammers. Of course, they are going to say it is legitimate. Some might offer to take the information over the telephone.

I then called the shopping giant to try and determine where and why the fraud happened. I was always careful to log in only when I was ready to place an order and I immediately logged out after submitting payment. I had also always thought that I was using a secure shopping site. Well, that conversation is still ongoing.

We’re still trying to figure out how the scammers got my information.  I’m guessing it’s connected to my recent purchase of ceiling fan pull chains. Somehow, between the shopping website and its seller, my information was compromised.

My words of wisdom: Keep your financial information as safe as you keep your kids. We have to be vigilant. We have to work harder to maintain good financial health than the cyber thieves trying to take it away.

Kathi Paradis is a Welcome Home Loans Originator at the New Hampshire Community Loan Fund.

NMLS #469310. Licensed by the New Hampshire Banking Department.