I've had numerous attacks on everything from credit cards to my brokerage account. Fortunately, my brokerage stopped them all and asked if they were my transactions and this is in the six figures. Some credit cards have been hacked before we even took possession of them. I have a friend who uses a program on his Apple phone that requires a confirmation picture of him with every transaction. Also, one of our banks will send a confirmation code to complete a transaction. Is there anything like this for Android? It would be nice if the same could be done with my laptop. Any thoughts or comments appreciated, THANKS.
Wow. That's terrible. I'm not even sure how a credit card can be hacked before you activate it. Most banks require two-factor authentication for activation.
A few tips beyond what siliconbruh999 posted:
1. Use a VPN for all internet use. (I like Nord, but others are good too.)
2. Use an independent password manager. I like 1Password, but there are others about as good. Personally, I think password managers are a PITA, especially if you share accounts with a significant other, but they're far more secure than not using one.
3. When purchasing from websites, use PayPal, ApplePay, or AmazonPay, on checkout, if one of them is available. They hide your credit card numbers and bank information.
4. If you must use websites that require you to enter a credit card, get a credit card from a bank which provides a virtual card number for each transaction. (Like Capital One.)
4a.
Do not save your credit card information on ANY website.
5. Enable two-factor authentication for every financial institution website and phone app. IMO, move your accounts from any institution which does not support T-FA and trusted device management for computers, phones, and tablets.
6. Reboot all phones, computers, and tablets regularly, like daily. Some malware hides in memory, and a shutdown and restart often flushes it out.
7. If you insist on using websites which are likely to include malware, or run applications which are not from a reputable source or a "playstore", do so only from Windows or MacOS, and use a VMM with a separate virtual machine just for these questionable sites and applications.
8. Enable storage encryption on any computing or storage device that offers it.
9. Many people recommend third party anti-malware applications, like McAfee, but I consider these packages malware themselves, because they're so annoying. Windows Defender and Apple's MacOS security features should suffice if you do the rest of the actions on this list.
haveibeenpwned.com
developers.cloudflare.com
