Financial Scam Alert + 3 Ways to Protect Yourself (and Your Loved Ones!) in Retirement
15:56 Share

Welcome to the Stay Wealthy Podcast. I'm your host, Taylor Schulte, and today I'm sharing important information about an increasingly popular financial scam. And to help you take action and stay safe, I'm also sharing three important tips for protecting your identity and hard-earned financial assets. For the links and resources mentioned today, just head over to youstaywealthy.com forward slash 151.

I'm not sure if I've ever shared this publicly before, maybe once a long time ago on the podcast, but about 10 years ago, my grandfather received a phone call from someone pretending to be me.

It's a version of the grandparent scam or the family in trouble scam, as some refer to it as. When the phone is picked up by the grandparent or the family member, the scammer simply says something like, hey, grandpa, and then waits for them to say something along the lines of Taylor, is that you? Now the scammer has my name says, yes, grandpa, it's Taylor, and then proceeds with the scam.

In this case, the scammer told my grandfather that my voice might sound a little funny because I was in an altercation in Canada or an accident and they gave me pain meds.

And as a result of this situation of this altercation, I'm in trouble and I need $7,000 in cash ASAP. The kicker, and this is common throughout all these, these scams is that the grandparent is told, or the family member is told by the scammer that they cannot tell anyone about this, that I'll get into even more trouble if anyone else gets involved or knows about the situation. So my grandfather believing it was me on the other end of the phone, even though I sounded a little funny, uh,

rushed to a few different banks and gathered up $7,000 in cash, put it in an envelope addressed to the scammer and dropped it off at the post office. It wasn't until he got home that my mother just kind of sensed something was wrong with him and started to ask some questions and ultimately called me to find out that I was on vacation sitting poolside with my wife and not in any sort of trouble.

Now, thankfully, she was able to take my grandfather down to the post office and retrieve the envelope of cash before it was mailed off. I, of course, immediately called my grandfather, who was rightfully very spooked by the whole thing. And in addition to assuring him that I was okay, I let him know that I was very happy to learn that I was worth at least $7,000 in cash to him.

Now, it might sound like a simple scam that any of us think we could spot a mile away and that victims of these scams are just old or they aren't very smart, but that's not necessarily true. My grandfather, even today at 92 years old, is extremely sharp. These scammers are just really good. And any one of us can easily fall victim to these increasingly complex scams, which I

is why I wanted to bring a relatively new one or a spin on an old version of one to your attention so that you can be prepared and even warn your loved ones in your life who might be more vulnerable. Here's how it works. Scammers have found a way to mimic your bank or credit card company's customer service or fraud hotline phone number. The scam starts by sending you a fake text message alerting you of a potentially fraudulent charge on your account.

If you've ever received a legit version of this, you know that the text message from your bank or credit card company typically asks that you text them back with a yes or a no to let them know if you recognize the charge that's in question. And that's exactly what the fake text message does as well. So it feels in line with what many of us are used to from our bank or credit card company.

Given that this is a scam, you are not going to recognize the charge. So naturally you will respond back by typing no, at which point the scammer will call you from a phone number that's masked as the actual bank's phone number. So it looks like it's coming from your bank, just like your actual bank would do that. The scammer then asks you to verify your personal account information. And then from there, they have everything they need to go forward with their scam.

Given that these scams are getting more and more sophisticated, I wanted to share three very important tips to help you and your loved ones stay safe, protect your identity, and avoid sending $7,000 in cash or more to some fraudster. So tip number one.

If your bank, credit card company, insurance company, the IRS, or even the social security office ever calls you asking you to answer a question, just politely tell them that you will hang up the phone and call them right back. Do not let them give you a callback number. Go to the institution's website or look at the back of your credit card, find their customer service number and call them back.

In the scam I just referenced about my grandfather, if you respond to the scammer with this approach, they will tell you that there's no need and that you can just look at the back of your credit card or do a quick Google search and you'll see that the number they're calling from is the same. Again, they are masking their actual number with your financial institution's phone number.

And it's impossible to know that unless you actually hang up and call the correct number back. And if it's actually your bank calling you or your credit card company, they will be very supportive of you hanging up and calling them back. They've been through this drill before.

Another version of this, especially as it relates to the grandparent scam, is to come up with a family code word for everyone to use. So if someone calls pretending to be a family member and something just feels a little bit off, you can ask them for that code for that code word to prove that it's them. You can also ask them a personal question that only they would know, even as something as simple as, you know, what's my dog's name or what city did I grow up in?

In the end, if something just doesn't feel right, it probably isn't. So trust your instincts and do your very best not to let the caller rush you into anything. Okay, tip number two, and we've spoken about this before at length on the podcast, but it's just too important not to mention, which is to freeze your credit and freeze your spouse's credit, if applicable, with all three credit agencies. This is one of the easiest ways to protect your identity. And yet I'd say,

Three quarters of the people that I meet with for the very first time still have not frozen their credit. And their reason is either that they wrongfully assume that freezing their credit would cause some unwanted issues in their financial life, which I can understand based on the word credit freeze. It's a little scary. Or that the process to freeze their credit is just too much of a hassle. So they just keep putting it off.

The good news is, is those assumptions aren't true. In addition to, to freezing and unfreezing your credit being completely free, it's also much, much easier to process today than ever before. You simply create an online account at all three credit rating agencies. That's TransUnion, Equifax, and Experian, and just select the credit freeze option and go through the process.

If you ever need to obtain a loan after your credit's frozen or someone needs to run your credit, you simply ask that person what agency they need access to and then temporarily unfreeze your credit online with that agency by logging into your account. You can even download the app and do it on your phone.

I just processed a temporary unfreeze the other day and I was able to log into the TransUnion website. That's the agency they needed access to. And I was able to unfreeze my credit and also indicate how long to keep my credit unfrozen for. In other words, unlike in years past, I didn't have to log in once to unfreeze it and then remember to log in a few days later to freeze it again. It was just one quick login to temporarily unfreeze my credit for a period of time that I established and then it automatically froze again after that date.

If you want a simple step-by-step guide to freezing your credit, because I know some of this can sound a little daunting. So if you want a simple step-by-step guide to doing this, I've linked to one in the show notes, which you can find by going to youstaywealthy.com forward slash 151. Just set aside 15 minutes or maybe even 20 minutes on a lazy Saturday morning, and you will have just checked a very important financial planning box.

And I know we have some younger listeners here as well. And yes, freezing your credit also applies to you. This is not just a recommendation for those that are in or nearing retirement with seven figures in savings. Everyone should have their credit frozen. That way, if anyone ever gets a hold of your sensitive information, they aren't able to take out loans or open up accounts in your name. Now,

Now, to avoid any confusion, I just want to note that freezing your credit does not protect you from identity theft. However, if someone does happen to steal your identity, having your credit frozen greatly limits the fraud that they can commit against you. Similarly, if someone steals your credit card number, they can, of course, still use your credit card to make unauthorized purchases. Freezing your credit is not going to prevent that.

Also, if someone steals your social security number, a credit freeze won't prevent them from filing fraudulent tax returns or health insurance claims in your name. So you still need to remain alert and stay vigilant in all areas of your financial life. A credit freeze is a great step in the right direction, but it's not a magic bullet.

Two quick things before I move on on this. First, before you freeze your credit, be sure that you've established some method of monitoring your credit first. And that's because once your credit is frozen, you won't be able to sign up for credit monitoring. You can sign up for free credit monitoring through something like Credit Karma or Credit Sesame, although many banks and credit card companies now offer it as well at no cost.

As I've shared before in the podcast, credit monitoring is like an alarm system on your home. It notifies you after someone has already broken in. Freezing your credit is more like putting a lock on your front door, preventing someone from breaking in in the first place.

The second thing I want to mention here is I often get asked about LifeLock when bringing up this topic. If you sign up for free credit monitoring through Credit Sesame or Credit Karma and you freeze your credit with all three agencies, there's not really a giant need for LifeLock on top of that. LifeLock is basically a fancy credit monitoring system coupled with an insurance policy. So if the $300 to $400 per year...

with that insurance policy just kind of helps you sleep better at night, perhaps you can maybe justify it. But when credit monitoring and freezing is free for everyone, there isn't a giant need to pay for something extra like LifeLock.

Okay. Tip number three, and I've got some good stuff to share here. So stick with me so far, the two scams I've referenced involve either a phone call or a text message, but as we all know, email scams are quite prevalent as well. And they're even trickier. Sometimes I think it goes without saying that you should not click on any links or download any email attachments, but that's easier said than done. Sometimes you're

These emails often look like they are legitimately coming from your bank or credit card company with their logo in the body of the email and the email address actually appearing to be from the correct domain. So we have to be extra careful here. And similar to hanging up the phone, if our bank calls us asking questions, one version of that with email is to visit your bank's website directly or your credit card company's website directly by typing in their domain into your browser yourself,

versus clicking on a link in an email. For example, if you get an email from Bank of America that says, you need to click here right now to log into your account and address some sort of issue, do not click on that link inside the email. Instead, go to Bank of America's website in a separate tab or separate window and log into your account from there.

Clicking on a fraudulent link inside your email will take you to a login page. Sometimes it looks very much, if not identical to your bank's website, but it's actually a scam and a fake page that they worked up to get your login credentials. So to be safe, to be ultra safe here, when you're asked by your bank to log in via email, just instead just go straight to the bank's website or even call them directly if it's easier.

In a similar vein, just browsing the web can lead to harmful websites that can infect your computer and even steal sensitive information. So for that reason, I'm a big fan of using a VPN or virtual private network if I'm ever using unsecured internet at a coffee shop or an airport. ExpressVPN is a popular app. I'll link to it in the show notes, but there are dozens that are out there and they're all relatively inexpensive.

Also, if you can avoid unsecured connections altogether, that would be even better. One example is to use a password protected hotspot on your phone versus free public wifi. I'm also a fan of browser plugins like Avast, A-V-A-S-T, that will automatically secure your browser against real-time threats, trackers, and scams. Also, Avast has a VPN as well, so you could package everything up with them if you want to keep things really simple.

Lastly, and this is where I've got some good stuff to share. As some of you know, I'm a huge fan of password managers like Dashlane and LastPass. However, I've been talking about them for years, and I found that many people fail to adopt these password managers properly because there's a bit of a learning curve. And if that's you, I've got some good news and potentially a simple solution. So according to Hive Systems, which is a popular cybersecurity firm, if you're a

If your password is comprised of just 18 lowercase letters, just 18 lowercase letters, it will take a hacker an estimated 2 million years to brute force hack your password. And by brute force, I mean the hacker is using trial and error to guess what the password is versus breaking into your home and finding it on a post-it note or hacking into your computer and finding it.

So through trial and error, it would take a hacker 2 million years to guess your 18 letter, all lowercase password. And according to Hive, if you use lowercase and uppercase letters, it would take them an estimated 467 billion years. What if you sprinkle in a few numbers as well? Well, in that case, they would estimate that it would take the hacker 11 trillion years to guess your password through trial and error. But get this.

A highly complex password with numbers, uppercase letters, lowercase letters, and symbols that only has 10 characters can be brute force hacked in five months. In other words, a password like capital N one exclamation mark, lowercase A S capital Q hashtag six, seven question mark is less secure than something like I love the stay wealthy podcast.

In fact, Bill Burr, the author of An Influential Guide to Computer Passwords, publicly regrets the advice that he gave 19 years ago when he published his famous manual. A key recommendation at that time was for users to change their password every 90 days and

and muddle up words by adding capital letters, numbers, and symbols. But today, he acknowledges that users should not change their passwords frequently because people tend to only make small altercations. For example, they might change their password from ilovestaywealthy1 to ilovestaywealthy2. And in other situations, people will sometimes come up with an even weaker password when they're forced to change it just so they can complete the task and move on with their day.

So what this all means is that you may not need a password manager. If you can come up with a memorable phrase, an 18-letter memorable phrase, or maybe even a few memorable phrases that include uppercase and lowercase letters, and maybe a few numbers if you want to be extra secure, you can save yourself the headache of learning how to use these fancy password applications that in some cases produce passwords that are not as secure as some think.

Now, I'm still a huge fan of password managers, and I personally use one for my family, but perfect is the enemy of good. And I'd rather see someone take action with securing their financial life than doing nothing at all.

I hope this is helpful for you today. For all the links and resources mentioned, including that step-by-step guide for freezing your credit, just head over to youstaywealthy.com forward slash 151. Thank you as always for listening. Stay safe out there and I will see you back here next week.