How to Protect Your Finances Online (Right Now!) - The Personal Finance Podcast

Summary6 min read

Podcast Summary: Protecting Your Finances Online

Podcast Title: The Personal Finance Podcast
Host: Andrew Giancola
Episode Title: How to Protect Your Finances Online (Right Now!)
Release Date: April 25, 2025

Andrew Giancola, the host of The Personal Finance Podcast, delves into the critical topic of protecting your finances online in his episode released on April 25, 2025. With the increasing prevalence of digital transactions and the rising threats of cybercrime, Andrew underscores the urgency of implementing robust security measures. This comprehensive summary captures the key points, discussions, insights, and actionable strategies presented in the episode.

1. The Growing Threat Landscape

Andrew begins by highlighting the escalating risks associated with online financial activities:

Record High Identity Theft and Data Breaches:
“In 2024, identity theft hit an all-time high with millions of personal records stolen due to data breaches from major companies, hospitals, and even government systems.” (00:45)
AI-Powered Scams:
“Scammers are now using AI to mimic voices, generating fake emails, and creating hyper-realistic phishing websites.” (02:10)
Andrew emphasizes that these advanced techniques make traditional security measures insufficient, necessitating a multi-layered protection strategy.
Expanded Digital Footprint:
“More of our financial life is online, from budgeting apps to investment platforms and digital wallets.” (03:30)
He warns that a single compromised login can expose sensitive financial information, including retirement savings, brokerage accounts, and crypto wallets.

2. Comprehensive Strategies to Safeguard Finances

Andrew outlines six primary strategies to protect online finances, supplemented with additional quick tips for enhanced security.

2.1. Remove Personal Information Online

Why It Matters:
“Data brokers can legally buy and sell your information, including addresses, income levels, credit history, and spending habits.” (05:00)
This information can be exploited for identity theft, opening unauthorized credit lines, and targeted scams.
Action Steps:
- DIY Removal: Manually request deletion from each data broker, which is time-consuming and requires verification.
- Professional Services:
  “Hiring a service like DeleteMe can save you time by removing your information from hundreds of data brokers efficiently.” (07:15)
  Andrew recommends using DeleteMe by visiting joindeleteme.com/pfp20 for a discount.

2.2. Utilize a Password Manager

Importance:
“81% of data breaches happen because of weak or reused passwords.” (12:00)
Password managers create and store unique, complex passwords, minimizing the risk of multiple account compromises.
Implementation:
- Choose a reputable password manager (e.g., 1Password).
- Create a strong master password.
- Import existing passwords and generate new ones for each account.
- Store backup codes and secure notes within the manager.

2.3. Enable Two-Factor Authentication (2FA)

Critical Security Layer:
“Even if a hacker has your password, they cannot log in without the second authentication factor.” (18:20)
Andrew advises opting for app-based authenticators over text messages for enhanced security.
Steps to Enable:
- Access security settings on all financial platforms.
- Select app-based authentication methods like Authy, Google Authenticator, or Microsoft Authenticator.
- Scan the provided QR codes and securely store backup codes in your password manager.

2.4. Freeze Your Credit Reports

Protection Against Unauthorized Loans:
“Freezing your credit prevents anyone, including scammers, from opening loans in your name.” (22:10)
This is a free and effective method to safeguard your credit profile.
How to Freeze Credit:
- Visit the three major credit bureaus: Equifax, Experian, and TransUnion.
- Create an account and verify your identity.
- Initiate a security freeze and set a unique PIN or password for each bureau, stored securely in your password manager.

2.5. Use Virtual Credit Card Numbers

Minimize Exposure:
“Virtual credit cards hide your real credit card number when shopping online, limiting exposure if a site is hacked.” (28:00)
They allow setting spending limits and expiration dates, enhancing control over online transactions.
Implementation:
- Use credit card issuers that offer virtual card services (e.g., Capital One, Citi).
- Generate virtual card numbers for different online accounts.
- Set spending limits and expiration dates as needed.

2.6. Beware of Phishing Scams

Evolving Tactics:
“Phishing attempts are becoming more convincing, often mimicking legitimate websites and communications.” (35:40)
AI-driven voice recognition is also used to create believable scam calls.
Protection Tips:
- Avoid clicking on unexpected links or attachments.
- Manually type URLs into the browser.
- Verify sender email addresses for legitimacy.
- Look out for urgent requests, a common red flag for scams.
- When in doubt, contact the company directly through official channels.

3. Securing Your Email and Investment Accounts

Andrew emphasizes the importance of securing foundational elements of your digital life:

3.1. Secure Your Email Account

Email as a Gateway:
“Your email is the key to resetting passwords, and if compromised, hackers can access your entire financial life.” (40:15)
Fortifying email security is paramount.
Best Practices:
- Create a separate email for banking and investing.
- Use strong, unique passwords with a password manager.
- Enable 2FA with authenticators.
- Regularly review connected apps and devices.
- Consider encrypted email services like ProtonMail for added privacy.
- Use encrypted messaging (e.g., Signal) for financial conversations.
- Enable auto-delete for sensitive threads and avoid sharing banking information via regular texts or emails.

3.2. Secure Investment and Crypto Accounts

High-Value Targets:
“Crypto platforms are particularly susceptible to scams due to their large payouts.” (45:00)
Ensuring the security of investment accounts is as crucial as safeguarding savings.
Security Measures:
- Enable 2FA on all investment and crypto accounts.
- Use hardware wallets (e.g., Ledger, Trezor) for crypto storage.
- Keep recovery phrases offline, never in the cloud.
- Monitor logins and set up alerts for new devices.
- Transfer idle crypto to cold storage to minimize exposure on exchanges.

4. Additional Security Enhancements

Andrew provides quick tips to bolster your financial security further:

Monitor Financial Accounts Frequently:
Use instant transaction alerts to detect unauthorized activities promptly.
Avoid Storing Credit Card Details Online:
Prevent automatic one-click purchases to reduce vulnerability.
Use a VPN on Public Wi-Fi:
Protect your data when accessing financial accounts on unsecured networks.
Disable Unused Features:
Features like Zelle or Venmo, if not in use, should be disabled to minimize attack vectors.
Dark Web Monitoring Services:
Sign up to detect if your financial data has been leaked.
SIM Port Freeze:
Prevent SIM swap attacks by contacting your mobile provider to enable this feature.
Set Spending Limits on Credit Cards:
Limit fraud risk by capping expenditures through your credit cards.
Regularly Review Third-Party App Connections:
Ensure only trusted apps have access to your financial accounts.
Offline Backups of Important Data:
Maintain secure, offline copies of essential financial information in case of cyber attacks.

5. Conclusion and Call to Action

Andrew wraps up the episode by reiterating the importance of a proactive approach to online financial security:

“You have to have a plan in place to protect yourself and your loved ones. Your digital footprint can put your money at risk.” (55:00)

He urges listeners to implement the discussed strategies to secure their financial future and invites them to take immediate action by utilizing services like DeleteMe. Additionally, Andrew encourages subscribing to the podcast for more personal finance insights and strategies.

Key Takeaways

Understand the Threats: Awareness of identity theft, data breaches, and evolving scams is the first step towards protection.
Implement Comprehensive Security Measures: Utilize password managers, 2FA, and credit freezes to create multiple layers of defense.
Stay Vigilant: Regularly monitor accounts, be cautious of phishing attempts, and adopt best practices for online transactions.
Protect Loved Ones: Ensure that family members, especially vulnerable groups like children and the elderly, are also safeguarded against financial scams.
Take Immediate Action: Start implementing these strategies today to build a secure and resilient financial life.

By following Andrew Giancola's expert advice on The Personal Finance Podcast, listeners can significantly enhance their online financial security, paving the way for a stress-free and prosperous financial future.

Loading summary

Transcript1 lines

[00:00]
A
On this episode of the Personal Finance Podcast, how to protect your finances online right now. What's up everybody and welcome to the Personal Finance Podcast. I'm your host Andrew from MasterMoney Co and and today on the Personal Finance Podcast we're going to talk about how to protect your finances online right now. If you guys have any questions, make sure you join the Master Money newsletter by going to MasterMoney co. And don't forget to follow us on Spotify, Apple Podcasts, YouTube or whatever your favorite podcast player is. And if you want to help out the show, consider leaving a five star rating and review on Apple Podcasts, Spotify or your favorite podcast player. Now today I'm going to be diving into how to protect your finances online. Now this is one of the most important things that people need to have this year and beyond is making sure you have a plan in place to protect your finances online. And there are a number of reasons why you need to make sure that this happens. First is there are record high identity theft and data breaches. In 2024, identity theft hit an all time high with millions of personal records stolen due to data breaches from major companies, hospitals and even government systems. And your data is likely already out there and criminals can use this information to either drain your bank, open credit cards in your name or file false tax returns. And all of these are happening more and more and more. But also AI powered scams are everywhere. And scammers are now using AI to mimic voices, they're generating fake emails, they create hyper realistic phishing websites. And one wrong click and you're handing over sensitive financial info. You can no longer just trust your eyes and ears with layer protection. You must make sure you have a plan in place which we're going to talk about more in this episode. Also, more of our financial life is online. From budgeting apps to investment platforms, digital wallets, your entire net worth may be accessible from your phone or your browser. And one compromised login could expose everything, including retirement savings, your brokerage account, your crypto wallets, and that's the last thing I want for each and every single one of you. You have to have a plan in place to protect yourself. And your info is also bought and sold every single day where data brokers are out there and they can legally buy and sell your information, including addresses. They can buy your income levels, credit history, your spending habits. That info can also be used to target you as scams or influence you and your financial decisions without you even knowing. Now hackers are also increasingly going after Easy targets. And so children and the elderly are prime targets. So if you're someone out there who has kids who can understand some of this information, or if you have elderly parents or you have elderly people in your life, send them this episode because this episode is going to help them put together a financial plan so they are not targeted as much. Because if you manage your finances for loved ones, your digital footprint puts their money at risk too. You have to make sure that you are protecting them as well. Now, your digital behavior can also influence everything from credit card fraud to eligibility for loans in a compromised account. Or even a public data leak could delay your mortgage approval or even tank your credit score. I have seen people get their credit score destroyed because they had some sort of data breach. They did not put some of these protection plans in place. And also you could be locked out of your money. This is one of the scariest things that could happen to you is ransomware attacks and credentials. Potential theft can lock you out of your own accounts. And if you're not prepared with strong passwords or recovery options, it could take days or weeks to even regain access to your funds. Now, you may be saying to yourself, well, I'm financially savvy. This is not going to happen to me. Well, let's just remember what happened to Chase bank last year. Chase bank literally was frauded by a ton of everyday Americans with something called the infinite money glitch. One of the biggest bank in the entire world, JP Morgan was frauded by a bunch of different people with something called that infinite money glitch. And when that happened, they lost millions, millions and millions of dollars. They are now going back after these folks. But people were able to steal money from the biggest bank in the world. Why do you think it would not happen to you? This is something where you must make sure that you have a plan in place. I'm going to show you exactly how to do that today in this episode. Let's get into it. All right, the first thing that you need to be doing is you need to make sure that you are removing your personal information online. Now why does this matter? Because data brokers will sell your name, your address and contact info to scammers. Now this is complet. There are companies out there that are data brokers who will take your information and they will sell it to other people. And if these scammers get a hold of your information, even if it's pieces of your information, maybe it's a part of your address, maybe it's a part of your phone Number, maybe it's your name. If they get a piece of this information, guess what? If they have any other data breach where they get any other part of your information, they can start to sign up for student loans in your name. They can start to sign up for bank accounts in your name. They can start to log into different access points that you do not want them logged into. All of these are really, really important places to protect it. And so the way to protect that is to remove your personal information. Because if you do not remove your personal information, it dramatically increases your risk of identity theft, of spam and of phishing. And hackers also will use this data to answer security questions and access your bank accounts. And I have seen this happen a number of different times. In fact, we've had listeners of this podcast tell me their stories of ways that they have gotten scammed, where scammers have gotten their information and they have logged into their bank account. So what do you do about this situation? Well, there's two things you can do. Number one is you can try to remove your personal information from these data brokers on your own. You go to each one of these different websites and there could be dozens, there could be hundreds, there could be thousands. And you go and look and you say to yourself, okay, I gotta send a letter on this one, I gotta send an email to this one. But I have to give proof that this is actually my information. So I have to send in my driver's license and a couple other forms of id and you have to do all these different hoops just to remove it from one different website. Or you can go and hire a service like Delete Me and Delete Me is a service that will remove your personal information from these websites. So what you do is you go to join delete me.compfp20 and create an account and that's going to give you 20% off if you go to that link. Then you submit your personal info, your name, your email, your phone number, past addresses, and Delete Me will file removal requests with dozens and dozens of these data brokers. When I did it initially, the first day alone, they did it to hundreds of data brokers and eventually they removed it from thousands of different websites and they'll rescan every few months and then they will update you with reports to your email. And then what you do going forward is you can use aliases or burner emails for non essential websites going forward. That's going to help you where your real core information is not being utilized. So the first part of your plan is I want you to remove your personal information from the Internet. The fastest way to do that is with delete me. And they save you so much time. And guess what? What time. Time is your most valuable asset. You need to make sure that you protect it. Number two is you need to make sure that you are using a password manager. Now, most people do not utilize a password manager. Maybe they have a spreadsheet or you're using a Google Doc, or you're trying to rely on the old noggin upstairs, but you need to make sure that you are utilizing a password manager. 81% of data breaches happen because of weak or reused passwords. And it's impossible to remember strong and unique passwords, which is why these password managers are so incredibly valu. And a breach on one site shouldn't mean access to your entire bank or all of your other financial systems. If you are using the same password on every single bank account, my friends, you have to stop doing that. So you need to use a password manager because they create very unique passwords. So how do you do this? First, you choose a secured password manager. I use two of them. I use one for my business and I use one for my personal information. And so typically sites like 1Password are absolutely amazing. They can actually help you with that information. Then you create a really strong master password that you will never use anywhere else. So when you sign up for one of these websites on one password or whatever else, you create this master password that nobody else wouldn't even know what it is. And then you import your saved passwords from either Chrome, Safari, wherever else into this password manager. So it's actually something that you can transfer over depending on what browser you utilize. And then what I would do is let it auto generate new complex passwords for each account. This is going to help you make sure that you are indefensible for people just randomly logging in. And the passwords that it creates are just a bunch of jumbled up numbers and letters that nobody would ever be able to guess. Now, you can also store backup codes and secure notes in some of these apps as well. They are really, really helpful for most people. And I highly, highly recommend a password manager. It does not cost much to have one available. Number three is to enable two factor authentication. Now this really does matter for a lot of people. And some people who do not check that box because they do not want to deal with like a text code coming to their phone or an email coming in and taking that extra step. That is something you Absolutely do not want to do. You have to enable Two Factor Authentication when it comes to anything financially related. Now, even if a hacker has your password, they cannot log in with Two Factor Authentication and Text message. Two Factor Authentication can be hijacked. So the safer option now is to use something like Authy, which is a authenticator. Microsoft has one, Google has an authenticator. There are a bunch of great free ones out there that you can use, but on Authenticator will give you that Two Factor Authentication and nobody can access it. Now many financial institutions also require that Two Factor Authentication, but again, if you're just getting text messages in, it may not be enough. If you want that extra indefensible force, I would use an authenticator. And so what you can do is go to your security settings at all your banks or your broker or your email accounts and turn on Two Factor Authentication and choose App Based Authentication, not text. So you want to go in, you choose App Based Authentication, then download something like Google Authenticator, Microsoft Authenticator or Authy, and then you scan the QR code and store backup codes safely. You can store your backup codes in something like 1Password or whatever your password manager is and you can test it to ensure that you can actually log in securely. Number four is to freeze your credit reports. So freezing your credit reports is one of the easiest ways to make sure that your financial information is protected. One, it prevents anyone, including scammers, from opening loans in your name. How does this work? You go to the major credit bureaus and we'll go through the steps in a second and you go and freeze your credit. So when you are not opening up a credit card or if you're not opening a loan, you freeze your credit. So nobody else can try to open up a credit card or loan because when they run your credit report, it's frozen. And they know that this should not be open because you did not authorize it. Now it's free and it takes minutes and it's not going to affect your current credit use. And it's one of the strongest identity theft protections that are available. And I highly recommend you do it. Here's how you do it. Okay? One is you're going to go through to the three major credit bureaus. So you're going to go to Equifax, you're going to go to Experian, and you're going to go to TransUnion, and you're going to go to each of those websites individually. Then you're going to create an account and you're going to Verify your identity. And so when you create an account and verify your identity, that will allow you to start to freeze your credit. And so you go click freeze my credit or security freeze, and that's going to freeze your credit for that timeframe. And then you set a PIN or a password for each bureau. Use your password manager, make it really tough to know what it is, and then keep this info stored securely in your pass manager so that once you need to go back and unfreeze your credit, you can do it. Now, you can do this literally in 5 minutes once you set this up. It is so incredibly easy. I know it's an extra step. I know you don't want to do it, but you need to do it to make sure that nobody scams you and opens an account in your name. In the age of AI, my friends, we are going to get scammed left and right. And if you don't have some of these security things in place, it is going to be something that you wish you did. Number five is to utilize virtual credit card number. So if you don't know what a virtual credit card number is, it hides your real credit card number when you're shopping online. And it also limits your exposure if a site gets hacked. Because sometimes these websites will get hacked and they take all the credit card information they start running up on those credit cards. And you can also set spending limits or even delete cards instantly with each individual credit card number. Now, not all card issuers have this yet. I know places like Capital One have it, Citi has it. But what you want to do is you want to use your credit card issuer that offers these virtual cards, and you log into your account and you generate a virtual card. Okay? Then you set up a spending limit and an expiration date for each one of these. So if you want to go and do this quarterly, if you want to do it monthly, you absolutely can. And you use your virtual card at checkout instead of your real number. This is an account that has a spending limit so that you can't just run your card up and then you delete the card when you're done using it on that site or subscription. So some people will create virtual cards for each place that they start to shop. So one for Amazon, one for Netflix, one for wherever else you shop, and that'll help you going forward. Number six is beware of phishing scams. So this matters a ton for a lot of people now because phishing scams are getting more and more creative now. Most financial fraud starts with a phishing email or a text. And links often lead to fake websites that steal your personal info. And these phishing attempts are more convincing than ever before. It's not just for your grandma getting a phishing email anymore. A lot of times they'll look like your real bank website, or they will look like Amazon.com or they will look like your state toll provider and you get those toll texts, or they will look like, you know, somewhere you shop frequently. This is why when data brokers sell your information, they will sell your shopping trends. They will sell where you have spent money in the past. Let's say, for example, you shop a lot of Dick's Sporting Goods and Dick Sporting Goods sends you texts. Okay, well, if you shop a lot of Dick's Sporting Goods, they're going to see that. They're going to say, I'm going to send a text message looking like it's Dick's Sporting Goods goods. So that they think that if they push this, they're actually just logging into the exporting goods. But instead you're giving away the information that is on your phone. I want you to make sure that you are watching out for those scams. Also, with AI voice recognition, they can change voices based on people that, you know, I have had people tell me that they have gotten phone calls that sounds like their husband or their wife, or they have gotten phone calls that sounds like their parents are in trouble and they need money. And it's because these AI voice scammers are phishing for that information. So here's how to protect yourself. One, don't click on links or emails or texts you didn't expect. Two, instead, type the URL into your browser yourself. If you're shopping and it's Dick's Sporting Goods, send you in a link. Just type the URL into the browser yourself and go look at what the sale is. Check the sender's email address. Also, because scammers often fake. And so you want to make sure you look that email address, look for typos, look for urgency requests. A big red flag when it comes to scams is they are going to try to make it the most urgent thing you've ever heard. They say, hey, right now you got to spend this money, or right now you got to make sure that you pay this toll or whatever else it is. So you got to make sure that if there's urgency, that's always, always a red flag. And when in doubt, call the company directly. All right, next up is to secure your email account. So your email is the key to reset your passwords. And hackers can access your entire financial life from one inbox. If you have an email account that has all your information in one spot. And email is actually the number one most data breaches that's what they are looking for is they are trying to get your email login information because they can do a lot if they have that login information. Now what would you do if you were going to be one of the most protected people out there Is I would create a separate email just for banking and investing and obviously using very strong passwords and making sure it has that two factor authentication and avoid forwarding any emails with sensitive financial info. And then what I would do is periodically review your accounts, connected apps and devices and use encrypted services like ProtonMail mail if you want extra privacy. So ProtonMail helps you get that additional privacy if you are looking to make sure that you are bulletproof when it comes to some of this stuff. Now I would also use encrypted messaging for financial conversations. And you can do that with a service like Signal or ProtonMail for that secure information. And you can invite your spouse or you can invite your advisors or whoever else your CPA to use it with you. And then you enable auto delete on sensitive threads and never send banking info over regular text or email. You want to make sure that you have those conversations over secured places. So usually your CPA or your advisor will have some sort of place that you can send over secure information. Also making sure that you secure your investment and even your crypto accounts. So crypto is even more susceptible to a lot of these scams. Some reason a lot of hackers are targeting crypto platforms because they have really large payouts. But they also target your brokerage account. And many people leave thousands in hot wallets vulnerable online. And so security for investing is just as critical after as saving. You got to make sure that you have security for investing to protect your finances. Again you want to turn on two factor authentication for these accounts. You want to use hardware for things like your crypto so you can use a ledger or you can use Trezor for crypto and you can store your recovery phrase online. Never in the cloud and then obviously always monitoring logins and enable alerts for every new device. And then withdraw any idle crypto to cold storage instead of leaving it on exchanges. Exchanges are really susceptible to theft. And I am just waiting for the day that one of these big exchanges is going to get hit. It seemingly is all the time that they are having to protect from against some of this stuff. Lastly is to turn on account auto lock features. So many accounts let you freeze access when they're not in use and this just adds an extra layer of defense if your credentials are stolen. And it's like putting a digital deadbolt on your finances. So what you do is you log into your bank or your brokerage app, you look for credit freeze, login, timeout or travel lock features and you set your accounts to auto lock after inactivity. Now you can use biometric access like your face ID or your fingerprint for some of these apps. I like to always use face ID and then review your app security settings once a month. So those are 10 tips to put together your financial plan. Now I'm going to give you some quick tips for extra security that might help you with this. One is to make sure that you are monitoring your financial accounts more frequently with instant transaction alerts. Another one is to never store credit card details on shopping websites. So I know it's really easy to have that one click on Amazon, but that does make you more susceptible using a VPN in public WI fi areas if you're traveling across the country. I would utilize a VPN to protect your financial data if you have to log into banks and then disable any unused features like Zelle or Venmo. If you don't use them, that just means you are more susceptible to scammers and you have a wider range of your information being stolen. Also sign up for a dark web monitoring service if you want to go that extra step to detect leaked financial data and call your mobile provider to enable a SIM port freeze to prevent SIM swap attacks. If you're looking to protect your phone, another one is to set spending limits on your credit cards to minimize fraud risk. I like to do that a lot and then regulate regularly review third party app connections to your bank and investment accounts. And then lastly is to keep an offline backup of all important financial data in case of cyber attacks. All of those are super important. Those are some of the additional quick tips that I would definitely put into place. Thank you so much for listening to this episode. Make sure you go to joindeleteme.com pfp20 Sign up for DeleteMe, get your personal information removed. Also, don't forget to follow this show on Apple Podcasts, Spotify or or your favorite podcast player and we will see you on the next episode.