The credit card industry has bolstered its monitoring systems to try to catch fraud before it happens, but it's also essential that you take steps to safeguard your personal data. Preventing identity theft involves protecting your sensitive information, including whom you give your credit card information to and how.
Some methods are better than others. Here's how you can best protect yourself with each form of communication.
» MORE: How to dispute fraudulent credit card charges
Email was not created with data privacy in mind, though some email providers are adding security measures. Depending on where the message is sent, its contents can be stored on multiple servers along the way. Also, emails are stored in various folders in your account and the recipient's, making your credit card information vulnerable to hackers or someone else who has a way to access one of the accounts.
What you can do: If you've sent credit card or other sensitive information over email in the past, search your sent folder and delete the information permanently. In the future, you can mitigate the risk by encrypting your email or using an email provider that encrypts messages automatically.
"It is important to understand whether emails are encrypted while on the server or just during transmission," says Shirley Inscoe, senior analyst at Aite Group, an independent research and advisory firm. "This is something to double-check, or the email content may still be accessed while stored on a server."
According to Google, for example, Gmail messages are “encrypted at rest and while in transit between data centers.” You can also turn on Confidential Mode, which removes the recipient’s ability to forward, copy, download or print your email and allows you to set an expiration date for your message. Microsoft Outlook has a feature that lets users encrypt individual messages as well.
Encryption software is another option (free online versions include PreVeil and SecureMyEmail). But don't trust an encryption software without vetting it.
» MORE: 6 credit card scams and how to avoid them
Stop fraud in its tracks
With a NerdWallet account, you can see all of your credit card activity in one place and easily access your credit report to spot any red flags quickly.
Text
In general, it's difficult for hackers to access text messages. But as long as a text containing credit card information sits in an inbox or sent folder, it's exposed. If your phone is stolen, or the phone of the person you sent the information to is swiped, the thief may be able to access the information.
What you can do: Consider installing a text message encryption app on your phone that has self-destruct functionality. That way, the text containing your credit card information will be deleted from both phones after a pre-set period of time, lessening the exposure. One such app is Signal, which is available for iPhone and Android.
Also, set up your phone’s screen to lock when idle. This is an easy way to keep your phone, and everything on it, more secure.
» MORE: Is it safer to bank by phone or computer? We ask 3 experts
Postal mail
These days, there aren't many instances in which you would need to send credit card information through the mail, but you may occasionally receive a bill or order form that requests it. The United States has strict laws about mail theft, but sending sensitive information this way poses some risk. Not only can someone steal your information after you've put it in your mailbox and before the mail carrier picks it up, but also once it's been delivered.
"Raising that red flag on the mailbox just calls it to the attention of identity thieves," Inscoe says. Instead, hand it directly to the carrier or drop it in the letter slot at the post office. Also, consider using certified mail so you can confirm that the letter has been delivered to the intended recipient.
What you can do: If you have to send your credit card information in the mail, avoid leaving it in your mailbox for the mail carrier to pick up. Sign up for Informed Delivery through the USPS, which gives you a preview of your mail so you can tell if anything that may contain personal information doesn’t actually make it into your mailbox.
» MORE: How to freeze your credit
Secure websites
A secure website is easy to spot because it will display "https" (with an "S") at the beginning of its URL. (Many times there will also be a lock icon.) Any information you send through a secured website is encrypted and safe. However, your credit card information is still susceptible to theft if you're a victim of spyware that has infected your computer or a public one. Hackers targeting the company operating the website may also access the information if it's stored on the company's servers.
What you can do: Make sure your malware protection is up to date. Avoid clicking on unfamiliar links in emails or pop-up ads. Learn to recognize if there is spyware on your computer. If you are suspicious, run a scan using legitimate anti-spyware software to detect and remove it.
🤓Nerdy Tip
A "secure" website can still be dangerous. When you see the "S" in "https" or the lock icon in the address bar, it just means that the connection to the website itself is secure. It doesn't tell you anything about the people running the website. In other words, criminals might be unable to intercept your credit card data when you provide it to the site — but it the site itself is run by criminals, your data is still compromised.
» MORE: Don’t speak tech? Cybersecurity for the rest of us
Fax
If both the sending and receiving fax machines operate over telephone lines, the threat of hacking is minimal. Anyone trying to access the line will only hear that familiar screeching sound.
However, if it's an email-based fax, your information is just as vulnerable as with an unencrypted email. Another risk to consider with phone-based fax is whether the intended recipient is the only one with access to the fax once it's delivered.
"A number of people may see the content of the fax while it is awaiting pickup by the intended recipient," Inscoe says. She also points out that "printed faxes may end up being misfiled or languishing on someone’s desk, with the content available to cleaning staff, security staff and other employees in the office."
What you can do: Before sending your credit card information, ask the recipient to stand by the fax machine to receive it as soon as it arrives and confirm they have received it. Additionally, ask whether their fax machine is email-based. If so, Inscoe recommends that you "ensure that the transmission is encrypted or upload the fax to a server via an encrypted web connection."
Be proactive about protecting your credit card information. Consumers "should ask questions until they are reassured or not use that method for confidential data," Inscoe says. "If all consumers start asking more questions, companies will start to take security and privacy issues more seriously."
What's next?
» Securing your credit card information is just one step in preventing identity theft.
