How to Practice Good Credit Card Hygiene, Avoid Getting Hacked

Dear Liz: We have a primary credit card, which we use all the time, which collects the airline miles we use to travel. Every few months it gets “compromised” and we have to get a new one. Is there anything we’re not doing right? Are there “good hygiene” rules for bank cards?

Answer: Yes, and most involve reducing the number of places that have access to your card information.

Many online retailers and web browsers offer to save your card information to make future purchases easier.

While these autofills save time, they mean that your credit number information is stored in databases beyond your control. Declining this option – and removing your stored maps from browsers and retail accounts – means less convenience but more security.

Another option is to add two-factor authentication to your retail accounts, making them harder to break into. This would require you to enter a code that is texted or emailed to you or generated by an authenticator app.

Some credit cards offer the possibility of using virtual numbers online. If yours does, this is another option worth using. The retailer never has access to your real credit card number, so they can’t end up in a potentially vulnerable database.

You can avoid exposing your credit card numbers when shopping in person by using mobile payment apps like Apple Pay and Google Pay.

These apps create a “token” from your credit card information that is passed to the merchant when you want to buy something. Again, the merchant never sees and cannot store your card details.

Other best practices include avoiding dangerous merchants and sites. When shopping online, always make sure that the little padlock symbol appears on the left side of your browser’s address bar and that the site address begins with “https” rather than “http” . If a site doesn’t offer these basic security features, you shouldn’t shop there.

Beware of in-person merchants using old-fashioned swipe card readers, ones that require you to swipe, with no ability to touch or insert your chip card. It’s much easier to clone information on a card’s magnetic stripe than on its chip, so avoid swiping if possible.

Also beware of skimmers and shimmers, which are devices that thieves install on ATMs and unattended fuel pumps to steal card information. These devices can be difficult to detect, so consider paying for your gas inside the station and using ATMs attached to banks.

You should also avoid using public Wi-Fi for any financial transactions, as these networks are usually unencrypted and easily compromised. Finally, be on the lookout for phishing attempts, which is when criminals attempt to trick you into divulging credit card information and other sensitive personal information by pretending to come from a trusted source.

Understand that you can do everything right and that criminals can still steal your card information. Luckily, you’re protected against fraudulent charges, so a compromised card is more of a hassle than a financial disaster.

The complex rules of Social Security

Dear Liz: You recently mentioned that people can’t always trust the information they receive from Social Security officials. I worked for social security for 25 years. A few years later, when I was ready to file for spousal benefits in another city, the rep I got immediately told me that I didn’t qualify and that I wasn’t even going to fill out request. I knew he was wrong but he was adamant. Always, always tell your readers to insist on filing a claim no matter what, as it protects their appeal rights. The applicant may be wrong, but will receive a formal decision telling them why. I spent 20 minutes educating this rep on what he should have already known. They don’t train them like they used to.

Answer: Social Security rules can be extremely complicated and, as you note, not all Social Security representatives understand these rules as well as they should.

Anyone considering applying should first educate themselves as much as possible (the latest edition of “Social Security for Dummies” by Jonathan Peterson is an excellent starting point). Consider using Social Security claim software or getting personalized advice from a paid financial planner. Once you are well informed, you will be better able to recognize and avoid bad advice.

Liz Weston, Certified Financial Planner, is a personal finance columnist for Nerd Wallet. Questions can be sent to him at 3940 Laurel Canyon, No. 238, Studio City, CA 91604, or by using the “Contact” form at

About Shirley L. Kreger

Check Also

Wage garnishment: can credit card companies do it?

The worst thing you can do when you can’t pay your credit card bills is …