I've never fallen victim to a scam, but in the past, I hadn't exactly gone out of my way to avoid them, either.
That's a problem for two reasons. First, after years of data breaches, my Social Security number, address and passwords are probably floating around on the dark web, making it easier to steal my identity.
Second, as someone who writes about scams for a living, it's a matter of pride not to get caught in one.
With that in mind, I decided to make myself as scam-proof as reasonably possible. The steps I took are straightforward, free and most only take only a few minutes to set up.
Get top local stories in Philly delivered to you every morning. >Sign up for NBC Philadelphia's News Headlines newsletter.
Here's what I did.
1. Froze my credit
- Total time: 5 minutes
A credit freeze, or security freeze, effectively blocks unauthorized access to your credit report, which is what lenders use to approve loans and credit cards. A credit freeze will prevent scammers from assuming your identity and signing up for credit under your name.
Money Report
You can set up a credit freeze by visiting the websites of the three major credit bureaus — Equifax, Experian, and TransUnion. The online process is quick and free, though you can also do it by phone or mail. It's easy to unfreeze when you need to apply for credit or a loan.
Since I have no plans to apply for a new credit card, mortgage or loan any time soon, freezing my credit was a no-brainer for me.
2. Turned on Stolen Device Protection on my iPhone
- Total time: 1 minute
Say you're in a public place, like a bar, and lose your phone. Later, you discover it's been hacked, with thousands of dollars drained from your Apple Pay or Venmo accounts. All a thief needs is your phone and passcode, often obtained by simply watching you enter it. Once they have access, they can reset your Apple ID or Face ID, locking you out and taking control of your identity.
To combat this, Apple introduced "Stolen Device Protection" in January 2024. This security feature requires Face ID or Touch ID for critical actions like password resets and enforces a one-hour delay in certain cases, such as when the device is in an unfamiliar location. During this time, alerts are sent to your trusted devices and email, giving you a chance to intervene before any changes take effect.
To turn on Stolen Device Protection, make sure your iPhone software is updated to iOS 17.3 or later. From there, you can follow these steps:
- Go to the Settings app, and select "Face ID & Passcode"
- Enter your passcode
- Toggle "Stolen Device Protection"
3. Set Venmo to private
- Total time: 1 minute
Venmo can be a convenient way to split the bill or make small purchases, but I never understood the "social" aspects of the app, or why all of my transactions were viewable by the public by default.
Rather than expose my personal payment details to phishing scams, I've changed my default privacy settings to "Private." To do so, open the Venmo app:
- Go to the Me tab
- Tap the Settings gear icon in the top right corner
- Tap Privacy
- Under Default Privacy Settings, select Private
4. Signed up for Informed Delivery
- Total time: 1 minute
Informed Delivery is a free service offered by the U.S. Postal Service that alerts you to incoming mail and packages.
It helps you keep an eye on your deliveries and quickly spot any missing or stolen items, which scammers might use to access sensitive information like credit card offers or bank statements. If something is missing, you can report it through the Informed Delivery website, and the USPS will investigate.
Here's how to sign up:
- Visit the Informed Delivery website
- Create or log in to your USPS account
- Verify your identity to activate the service
5. I finally got a password manager
- Total time: 30 minutes
Data breaches are so common now that I've had to reset my handful of passwords every few months. But even changing passwords isn't enough — hackers can crack an eight-character password with a mix of numbers, letters and symbols in just eight hours, according to a 2022 study. Clearly, "Hello123!" isn't cutting it anymore.
To stay ahead of potential breaches, I've started using a password manager. After exploring a few options, I went with Bitwarden, which also has a free option. It generates unique 30-character passwords for all of my accounts, and with one simple master password, I can securely access everything.
To log into a website, I use Bitwarden's Chrome extension or iPhone app, which autofills the long, secure passwords for me automatically — no typing or memorizing required. I don't have to worry about weak or reused passwords anymore, either.
While updating all my logins is still a work in progress, I've prioritized my bank and credit card accounts and it already gives me peace of mind.
6. Enabled two-factor authentication for banks
- Total time: 5 minutes
To further protect my bank accounts, I've added two-factor authentication to my login process. Along with a longer, more secure password, I now receive a text code every time I log into my bank apps or websites.
It's an extra step, but I think it's worth it — especially after seeing phishing emails that look almost identical to legitimate ones from my bank. As a rule, I avoid clicking on links or images in emails or texts altogether. Instead, I search for my bank directly on Google and log in using that link.
Ready to boost your income and career? Don't miss our special Black Friday offer: 55% off all Smarter by CNBC Make It online courses. Learn how to earn passive income online, master your money, ace your job interview and salary negotiations, and become an effective communicator. Use coupon code THANKS24 to get the best deal of the season—offer valid 11/25/24 through 12/2/24.
Plus, sign up for CNBC Make It's newsletter to get tips and tricks for success at work, with money and in life.