MONEY Passwords

Skin-Implanted Chips Will Replace Passwords in the Future

NFC chip on pad of thumb
Sarina Finkelstein (photo illustration)—Getty Images (2)

It's not science fiction anymore — a chip implant can hold your passwords, credit card numbers and health information.

It was a moment out of science fiction. All eyes were on Kaspersky Lab researcher Povel Torudd as he sat center stage at the Kaspersky Security Analyst Summit in Cancun, Mexico, recently, waiting to become a cyborg.

Torudd volunteered to have a Near Field Communications (NFC) chip implanted in his hand by a professional body piercer using sterilized tools, a marker to show where the chip would be inserted, a scalpel and an imposing-looking insertion syringe.

Within minutes, Torudd was done. No hysterics (except for a few of us in the audience) and lots of curiosity.

NFC implants, such as the one now in Torudd’s hand, can be used for a variety of digital age tasks.

The chip can be used as a form of authentication in a multi-factor authentication scheme. It can store digital logins or manage public encryption keys, according to Hannes Sjoblad of the Swedish Biohacking Association.

NFC implants can also be used for personalization and user configuration. Sjoblad outlined how the chip implanted in his hand can automatically reset his car’s seat and mirror settings to account for his larger physique after his smaller-framed wife drives the family vehicle.

Sjoblad also stores information about his gym memberships and rebate memberships for retailers he frequently shops with in Sweden. “It’s made my life easier and interesting,” he said.

Torudd agreed to let the audience watch the implanting of a chip about the size of a grain of rice under his skin between his thumb and forefinger. It is powered by a tiny battery, but don’t worry about chip running out of juice too quickly. The chip is “asleep” most of the time, and wakes up only when the associated Android app attempts to read the stored data. And removing the chip is as simple as the insertion process, Sjoblad said, requiring a small scalpel cut over the insertion point.

Implants may soon supplant basic items in our pockets, such as car keys, proximity cards, and other forms of authentication, Sjoblad said, noting they can “replace all silly passwords.”

While biohacking has the potential for solving different types of authentication issues, there are unique security challenges posed by the technology. Privacy is always a concern when data can be accessed remotely, but the fact that healthcare is one of the big drivers for implants exacerbates privacy concerns.

These chips can potentially store years of data, which can be highly valuable for the attacker, as well as highly detrimental to user privacy if leaked.

More than just privacy, this kind of technology may potentially affect the person’s physical safety, Sjoblad said. Consider that researchers have already identified potential risks associated with existing human implant technology, such as insulin pumps, pacemakers, and cochlear implants. Past demonstrations have shown how insulin pumps and pacemakers can be manipulated maliciously to potentially harm the person using these medical devices.

More from Credit.com

This article originally appeared on Credit.com.

MONEY Taxes

Your Kids Are the New ID Theft Targets — Here’s How to Protect Them

child fingerpainting
Meg Fahrenbach—Getty Images

Identity theft poses a huge risk to your children's financial future, but it could make a mess of your taxes, too.

Filing your taxes should trigger a feeling of relief — it’s a huge thing you get to scratch off your to-do list — but millions of taxpayers have submitted their taxes only to have a very unpleasant experience: that their Social Security number has already been used in a tax filing. Most people discover this when attempting to file their taxes online, and they’ll instantly receive a notification from the IRS that the return has been rejected as a fraud attempt.

Instead of marking the end of your tax adventures for the year, such a notification is only the beginning of the many months it will take to correct your taxes. Risk isn’t limited to your Social Security number — if you have dependents and someone fraudulently files taxes with their Social Security numbers before you do, it will affect your return.

It happens. Identity theft among children is sometimes harder to detect, because one of the best ways to discover fraud is by checking credit reports. Your child shouldn’t have a credit report until he or she has a loan or credit card in his or her name, so parents assume there’s nothing to use as a fraud detector in the first place.

If Someone Claims Your Child as a Dependent

When you try to file your taxes, rightfully claiming your child as a dependent, you’ll likely receive a message from the IRS saying someone has already claimed the person with that Social Security number as a dependent and your return has been modified to exclude that person. That will affect the refund you receive (or how much you owe the IRS), even though you can rightfully claim the child as your dependent.

At this point, you need to do two very important things: Start the process of fixing the problem, and protect your child’s identity from further abuse.

How to Fix Your Taxes After Fraud

Jared Callister, a partner and tax attorney at Fishman Larsen Chaltraw & Zeitler in California, said the first thing you should do is contact the IRS to dispute the rejection of your dependent claim. The message from the IRS informing you of the issue should include contact information.

“Write a quick letter to that response, saying it’s your child and you want the IRS to adjust it back to what the original return said,” Callister said.

Then you need to notify the IRS of the identity theft by filling out Form 14039, Identity Theft Affidavit on behalf of your child.

“And then you’re just kind of waiting for a response from the IRS,” Callister said. “My guess is it will take about 6 months to get that resolved.”

To follow up on identity theft issues regarding taxes, you can contact the Identity Protection Specialized Unit at 1-800-908-4490 — expect to be on hold for a long time, especially if you’re calling during filing season.

How to Protect Your Kids From Further Fraud

Once someone’s Social Security number has been stolen, it can be extremely difficult to prevent abuse. Contact the credit bureaus and notify them your child’s Social Security number has been stolen, and regularly request the child’s credit reports to make sure no one is opening unauthorized accounts in his or her name.

Undetected fraud can wreck a child’s credit before he or she has had a chance to establish it, which is why it’s important to intervene early. Most parents want their children to enter adulthood with a good financial foundation, and credit is a huge part of that, so take action quickly if you sense your child’s identity has been abused.

More from Credit.com

This article originally appeared on Credit.com.

TIME Crime

‘Revenge-Porn King’ to Plead Guilty and Face Imprisonment

TIME.com stock photos Computer Keyboard Typing Hack
Elizabeth Renstrom for TIME

Hunter Moore is charged with hacking into victims' email accounts and posting their nude photos on his website

The owner of a “revenge porn” website, accused of posting stolen nude photos of women online, has agreed to plead guilty to federal computer-hacking and identity-theft charges, prosecutors announced Wednesday.

The Los Angeles Times reports that Hunter Moore was dubbed the “king of revenge porn” for running a website called IsAnyoneUp.com, on which explicit photos of women, stolen from their personal email accounts, were posted.

Moore, 28, also paid Charles Evans to hack into computers and steal nude photos from victims’ accounts. Evans is due to go on trial March 17.

Moore faces up to seven years in prison. He is set to appear back in court on Feb. 25.

[L.A. Times]

MONEY Taxes

Some Need to Take a Quiz to Get Their Tax Refund

Pop Quiz! written on black chalkboard
Isaac Koval—Getty Images

In Ohio, state officials are trying to stop tax identity theft by requiring some taxpayers to fill out an online quiz before accepting their returns.

State governments around the country are struggling with tax return identity theft, a problem so rampant that even TurboTax had to temporarily suspend electronic state filing. In Ohio, where 58,000 fraudulent tax returns have been intercepted this tax season, state officials have taken the drastic step of requiring some taxpayers to fill out an online quiz before accepting their returns.

“The Ohio Department of Taxation has intercepted more than $250 million of fraudulent refund claims this year,” the agency said on its website. That’s a huge increase from 10,000 fraudulent returns seeking $8 million last year, according to the Dayton Daily News.

Once a computer determines that something is suspicious about the return, taxpayers are directed toward the “quiz,” which will look a lot like the out-of-wallet challenge questions posed by AnnualCreditReport.com and other sites seeking to authenticate consumers. According to taxpayers who say they’ve been challenged, the questions ask users to confirm streets they’ve lived on, cars they’ve owned, and so on.

“This is changing daily, but as we are still relatively early in the filing season, the Ohio Department of Taxation is opting to be more stringent with the screening of returns,” said Gary Gudmundson, the agency’s communications director. “Of the 1.2 million returns requesting a refund, 49% of those filers/taxpayers … have been directed to take the Identity Confirmation Quiz.”

Users directed to the quiz can expect delays in receiving their tax refunds; how long is unclear. Those who cannot correctly answer the questions can expect additional delays. They will be directed to telephone operators for additional verification.

“Of those who’ve taken the quiz, 95% passed. Those who don’t are asked to submit documentation (copy of driver’s license, birth certificate, utility bills, previous year(s) tax returns, etc.) to prove they are who they say they are,” said Gudmundson.

One user who said she failed to answer correctly wasn’t immediately booted from the system.

“Did it and apparently answered one wrong but they give you another chance,” she wrote on Facebook.

Given the heightened concern about identity theft and tax returns, some residents are worried the challenge questions are part of a scam. Ohio tax officials are telling taxpayers via regular mail that they must complete the quiz.

“If you get a letter, yes it is from the state, not a con,” wrote one Ohio resident on her Facebook page.

For an identity thief to steal your tax return, they need a lot of personal information, including your Social Security number, which can be used to perpetrate all sorts of fraud, even opening new accounts in your name and wrecking your credit in the process. You can spot identity theft quickly by regularly monitoring your credit. You can get your credit reports for free once a year at AnnualCreditReport.com and you can get your credit scores for free every month on Credit.com.

More on Income Tax:

MONEY identity theft

Millions of People’s Data Stolen in Health Insurance Hack

Anthem, the second-largest health insurer in the U.S., says hackers obtained names, Social Security numbers, dates of birth, and more.

MONEY identity theft

Anthem Health Insurance Was Hacked. Here’s What Customers Need to Know

150205_FF_AnthemHacked
Darron Cummings—AP The corporate headquarters of health insurer Anthem, in Indianapolis.

Unfortunately, this hack is much worse than the average data breach.

Anthem customers might be feeling a bit ill this morning. The nation’s second-largest health insurance company just announced that hackers have stolen members’ Social Security numbers, names, birthdays, medical IDs, and more sensitive personal information in a massive data breach. The breach affects an estimated 80 million customers and employees. At this point, Anthem does not believe the hackers accessed credit card or medical information.

“Safeguarding your personal, financial and medical information is one of our top priorities, and because of that, we have state-of-the-art information security systems to protect your data,” Anthem President and CEO Joseph R. Swedish said in a statement. “However, despite our efforts, Anthem was the target of a very sophisticated external cyber attack.” Anthem does not yet know who was responsible.

Anthem says members of multiple health plans were affected, including Anthem Blue Cross, Anthem Blue Cross and Blue Shield, Blue Cross and Blue Shield of Georgia, Empire Blue Cross and Blue Shield, Amerigroup, Caremore, Unicare, Healthlink, and DeCare.

The company has promised to individually notify every person who was affected and provide free credit monitoring. You can visit www.AnthemFacts.com or call 877-263-7995 to learn more from Anthem.

Unfortunately, this hack is much worse than the average data breach. If your debit card number is compromised—think of Target’s data breach—the worst thing that happens is, after some headache, you get your money refunded and a new card. But if your Social Security number is compromised, identity thieves can wreak havoc on your life.

With a Social Security number, fraudsters can apply for credit cards, mortgages, and other lines of credit in your name, racking up debt on your tab. That can ruin your credit, making it difficult for you to get a new credit card, mortgage, or even a job. Identity thieves can also file fraudulent tax returns in your name, robbing you of your refund and causing chaos at the IRS.

Scared yet? If your Social Security number could have been compromised, here’s what you should know about your options.

You probably can’t get a replacement Social Security number

You might wish you could just get a new Social Security number. Don’t bother, says Paul Stephens, director of policy and advocacy at the Privacy Rights Clearinghouse.

First, it wouldn’t be effective: Government agencies, credit bureaus and businesses will still associate you with your old, compromised number. Meanwhile, you’ll need to rebuild your credit history from scratch, which will make it harder to get your finances in order. Plus, the Social Security Administration rarely issues replacement numbers after data breaches, Stephens says. If it did, half the country might be eligible.

“I’m not aware of any situation where someone has gotten a new Social Security number because of identity theft,” Stephens says. “That is very difficult to do, and consumer advocates advise against doing so. It further complicates things for you, and the act of getting a new Social Security number is not really going to impact the ability of a criminal to use your old Social Security number.”

If you want to try anyway, gather documentation to prove your citizenship (with a birth certificate or passport), your age (with a birth certificate, religious record, hospital record or passport) and your identity (with a drivers’ license, state-issued ID, or passport).

The SSA says you need to “provide evidence you are having ongoing problems because of the misuse” to be considered for a new number. So if your Social Security number has been exposed but you’re not yet a victim of fraud, don’t waste your time.

“You cannot get a new SSN to avoid the consequences of filing for bankruptcy, to avoid the law or your legal responsibility, or if there is no evidence that someone is using your number,” SSA spokesman William “BJ” Jarrett said in an email. Jarrett advises that if you believe someone is fraudulently using your Social Security number, you should first file a police report and contact the Federal Trade Commission (877-438-4338). “If you have done all you can to fix the problems resulting from misuse of an SSN and someone is still using it, Social Security may be able to assign a new number.”

The Federal Trade Commission also warns that there are companies that offer to help you apply — for a fee, naturally. But you don’t need their help and you shouldn’t have to pay any money; the application for a replacement Social Security number is free.

You can put a security freeze on your credit report

This is the most foolproof thing you can do, but there are downsides. A freeze means no one can pull your credit report—so no one can apply for new lines of credit in your name, not even you.

Actual identity theft victims can get a freeze for free, but others have to pay. Prices vary by state. It can cost up to $30 to institute a freeze and $12 to lift. You have to “lift” the freeze every time you apply for credit, so that the creditor can check your report.

In other words, there could be a $12 surcharge every time you apply for a credit card, mortgage, or even a job or apartment. For that reason, credit freezes aren’t always a practical solution, especially not for young people who move around a lot.

Contact Experian, Trans­Union, or Equifax to institute a freeze.

You can put a fraud alert on your credit report

This one is easy—and you can do it even if your information hasn’t already been exposed. A fraud alert tells creditors to double-check whenever someone applies for credit in your name. For example, when a credit card issuer receives an application for a new card, a fraud alert tells the company to contact you and make sure you’re really the one who submitted the application.

Again, contact Experian, Trans­Union, or Equifax to place a 90-day alert. It’s free. If you’re a confirmed identity theft victim, the alert lasts seven years.

You can monitor your credit reports

However, you shouldn’t stop there. Under the law, you’re entitled to a free credit report from each of the three credit bureaus every year. Check it.

“If you opt for just the fraud alert, you need to be aware that fraud alerts are not infallible,” Stephens says. “We would recommend that you continually regularly examine your credit reports. Get them every few months and make sure that there’s nothing on there that’s fraudulent.”

You can also sign up for credit monitoring—just don’t pay for it. After a data breach, it’s become the norm for companies to offer free credit monitoring to victims, Stephens says. He also recommends free monitoring from Credit Karma and Credit Sesame.

This article was adapted from an earlier story, What to Do If Your Social Security Number Was Leaked like Sylvester Stallone’s.

Related:

MONEY the photo bank

The Woman Who Followed Her Identity Thief for Two Years

Photographer Jessamyn Lovell put her own identity thief under surveillance for two years—and exhibited the results for all to see.

Jessamyn Lovell, of Albuquerque, has curly brown hair cut just above the shoulder.

Perhaps once, before she bleached it a brassy orange, Erin Hart, of San Francisco, had similar hair. But that’s where the similarity ends.

Yet about five years ago, Erin Hart stole Lovell’s identity, using Lovell’s stolen ID cards to check into a San Francisco hotel. Lovell learned of the crime when the San Francisco police contacted her. Bills and citations soon started pouring in—presumably the result of Hart’s spree, though Lovell can’t definitively connect Hart to the three damaged cars rented in her name, parking tickets, and charges for petty theft and toll evasion.

MORE The One Foolproof Thing You Can Do to Protect Yourself from Identity Theft

Now Lovell, an artist, photographer, and college instructor, has turned the tables. After an arduous and expensive process of clearing her name, Lovell hired a private investigator, tracked down the woman they believe was Hart, and over a period of two years followed her, taking grainy, surveillance-style photos of her own identity thief.

Thirty-two of the resulting images, plus other documentation of her ordeal, were displayed last fall at the San Francisco Camerawork gallery—the same gallery, in fact, from which Lovell’s wallet was stolen in 2011. (The photos and artifacts will also be published as book, “Dear Erin Hart,” by San Francisco Camerawork later this month; and will be shown publicly again, at the Colorado Photographic Art Center in Denver, from February 26 through March 28.)

It may sound like Lovell gave Hart her just deserts. But the photographer describes her motivations differently. “I did not and do not intend to punish Erin Hart through my project,” she says. “I just wanted to take my name back. And hopefully, it will make it harder for her to do what she has done, and caused her to see me as a person, not just a name on an ID.”

Lovell attempted, via Hart’s probation officer, to invite Hart to the opening, and even left a letter for her at the gallery. As far as Lovell knows, Hart never appeared. In December, Lovell heard from the probation officer that Hart may have become homeless.

MORE Here Are the Companies That Have Been Hacked — And What to Do

Lovell says she herself grew up poor and even now, as a lecturer at the University of New Mexico, “struggles to be in the middle class” while continuing to pay off the student loans she accrued getting a master’s degree in fine arts. As a result, Lovell now expresses sympathy for the economic challenges Hart faces.

“With a criminal record, she will have an even harder time finding any kind of legitimate employment,” Lovell says. “I think it’s harder to pull yourself up by your bootstraps than people want to admit.”

MORE 7 Ways to Keep Your Tax Refund Safe From Thieves

This is part of The Photo Bank, a recurring feature on Money.com dedicated to conceptually-driven photography. From images that document the broader economy to ones that explore more personal concerns like paying for college, travel, retirement, advancing your career, or even buying groceries, The Photo Bank showcases a spectrum of the best work being produced by emerging and established artists. Submissions are encouraged and should be sent to Sarina Finkelstein, Online Photo Editor for Money.com at sarina.finkelstein@timeinc.com.

Read next: I Ate Thanksgiving Dinner With My I.D. Thief for 19 Years

Listen to the most important stories of the day.

MONEY ID Theft

7 Ways to Keep Your Tax Refund Safe From Thieves

black glove holding US Treasury check
Sarina Finkelstein (photo illustration)—Getty Images (glove); Dan Sullivan/Alamy (check)

To make sure your hard-earned money doesn't fall into the wrong hands, protect your identity this tax season.

The tax season officially opened on January 20, meaning it’s time for that dreaded (but inescapable) annual job: filing your tax return.

One group isn’t putting off that task. Identity thieves may have already filed a return in your name—and made off with your refund check.

In 2013, the IRS mistakenly paid out more than $5 billion worth of refunds to identity thieves, according to the Government Accountability Office. The agency estimates it stopped another $24.4 billion in attempted fraud, and the problem may be even bigger than that. Considering that most refunds are for a few hundred to a thousand dollars, that’s a staggeringly large number of false returns.

And despite the IRS’s efforts to fight fraud, tax-and-wage-related identity theft still made up a third of ID-theft complaints to the Federal Trade Commission last year.

One reason this kind of fraud can happen is that the IRS processes refunds as quickly as possible, typically within 21 days, and matches up the verifying information later. That way you don’t have to wait six to nine months for a refund.

When you file early, the IRS might not even have everything it needs to verify your information. Your employer must send you your W-2 income statement by the end of January, but it doesn’t have to file that information with the government until March. The IRS often doesn’t even begin checking returns against W-2s until July, meaning it can take a year or longer for the IRS to spot the theft, the GAO report found.

You can reduce you odds of becoming a victim by making these seven smart moves.

1. Be the First to File

“You’ve got to beat the crooks to the punch,” says CPA Troy Lewis, chairman of the American Institute of CPAs’ tax executive committee. “Since January 20, it’s been open season, and they know that the first filer wins.”

Once the IRS receives a return with your Social Security number, the agency will reject any duplicate filings. So even though your return is the legitimate one, if it is second you will have to go through a verification process with the IRS.

If you owe money and want to delay paying as long as possible, file early anyway. You have until the April 15 filing deadline to mail you check regardless of when you submitted your return.

2. Eliminate the Paper Trial

Elect to have all tax documents delivered electronically, including your W-2 and 1099s. If e-delivery isn’t for you, opt for a P.O. Box or locked mailbox. “Toward the end of January is prime time for this,” says Lewis. “Thieves know that’s when W-2s are sent out.” Be sure to destroy extra copies or old tax paperwork as well. All thieves need is your date of birth and Social Security number to file in your name.

3. Put A PIN On It

The IRS is piloting an initiative, available to taxpayers in the tax fraud hotbeds of Florida, Georgia, and D.C., for a single-use, identity protection personal identification number.

To get the six-digit number, you need to register and verify your identity online. This PIN must be on all tax forms for your return to be processed, giving you an extra layer of security. Anyone who has had their identity stolen and reported it to the IRS will automatically receive a PIN annually.

The downsides: It’s another piece of information to remember and guard, and once you’ve opted into the service you can’t opt out.

You can sign up for a PIN on the IRS website.

4. Secure Your Network

This step is easy: Never file electronically over public wi-fi or a network that’s not password protected. Keep your antivirus software up to date and use a firewall.

5. Hang Up

Be wary of email or phone calls claiming to be from the IRS. An unexpected email from the IRS, notifying you about an outstanding refund or a pending investigation, say, is always a scam. The IRS will never initiate contact via email to request sensitive information.

If you do receive an email that appears to be from the IRS or the Electronic Federal Tax Payment System, forward the message to phishing@irs.gov. Don’t click any links within the email, even if the URL appears to be connected to the IRS website.

You should be equally suspicious of out-of-the-blue phone calls purporting to be from the IRS. Scammers typically say you’re entitled to a huge refund, or they may threaten you with arrest to get you to reveal personal information.

More sophisticated scammers may know the last four digits of your Social Security number and use that to win your trust, warns the IRS. Other scammers imitate the IRS toll-free number on your caller ID.

The best thing to do if you get a call: hang up. If you think the IRS may have a legitimate reason for contacting you, call them back (800-829-1040).

6. Pick a Preparer Carefully

Three in five taxpayers will get help preparing their taxes this year, the IRS reports, but not all help is equal. Some shady preparers set up shop to snag your personal information or make off with your refund. And no matter who prepares your return, you’re responsible for what is on it.

First, check that the pro has a preparer tax identification number. All paid tax preparers must have one. That’s just a start. “Some people may try to pass their tax preparer identification number off as a license, but it’s just an ID from the IRS. It’s not a sign of authenticity or knowledge,” says Valrie Chambers, a CPA and Stetson University accounting professor.

Ask what professional organizations the pro belongs to. Check with the Better Business Bureau to see if complaints have been lodged against him or her. Make sure licenses are up to date and whether any disciplinary actions have been taken—this IRS guide lists which agencies supervise different kinds of pros.

“You want someone with a license, a reputation, a permanent shop,” says Chambers. “You’re giving this person all your information: your Social Security number, your bank routing number.”

7. Have Less to Lose

If you’re expecting a big refund this year, you have a lot of money at stake. By adjusting your tax withholding so that you get a small refund or even owe a small sum, any fraud-related delay won’t cause you as much financial hardship. “You don’t want to be dependent on this money,” says Lewis.

MONEY credit cards

5 Ways Your Credit Card Can Be Stolen Right Under Your Nose

woman using ATM machine at night
Maciej Toporowicz—Getty Images/Flickr

Card thieves have many techniques for stealing your data without you noticing.

There are several things people freak out about when their wallets or purses have been stolen: knowing a thief has your ID (and your home address), losing irreplaceable gift cards or cash, and having to cancel your credit cards. That’s usually the first thing people do — call their banks — but it’s easy to act quickly when you realize you’ve been robbed. Sometimes, it’s not that simple.

Thieves steal credit and debit cards all the time without taking the physical card. The most common kind of card theft results from data breaches. Last year, millions of U.S. consumers had their cards replaced after their information was compromised in one of the massive cyberattacks on retailers, even if their cards didn’t show unauthorized activity. People have gotten used to the idea that data breaches are inevitable, but there are lots of daily activities that put your cards at risk for theft, without you noticing.

1. Drive-Thru

A Pennsylvania woman was recently arrested for allegedly swiping customer cards on a personal card reader while she worked the drive-thru at a Dunkin’ Donuts, WFMZ reports, reportedly using the information to create duplicate cards and charge more than $800 to the accounts.

That’s not the first time a story like this has popped up, and it’s likely to happen again, because the situation presents an easy theft opportunity to drive-thru workers: Customers hand over their cards and usually can’t see what the cashier is doing with it on the other side of the window. It’s not like you should avoid the drive-thru for fear of card theft, but it’s one of many reasons to regularly check your card activity for signs of unauthorized use.

2. Restaurants

How often do you see your server process your dinner payment? Usually, he or she takes your card away from your table and completes the transaction out of your sight. Many restaurant workers have taken advantage of this situation to copy customers’ cards and fraudulently use the information.

3. On the Phone

People are pretty trusting when making orders over the phone, assuming that whoever takes the order is entering the credit or debit card number, expiration date and security code into a payment system, not just copying it down for their own use. On the flip side, it might not be the person on the other end of the call you should worry about — plenty of people read their card information aloud within earshot of strangers, making it easy for someone nearby to write down the numbers.

4. RFID Scanners

Most radio-frequency identification (RFID)-enabled credit and debit cards have a symbol (four curved lines representing a signal emission) indicating the card has the technology for contactless payment. If you have one of these cards, you have the ability to use tap-and-pay terminals found at some retailers, because your card sends payment information via radio frequencies, received by the terminal.

That same technology also allows thieves to use RFID scanners to copy your card data if they get close enough to it and your card isn’t protected. If you’re not sure your card has RFID technology, call your issuer, and if it does, use signal-blocking materials and products to protect it.

5. Card Skimmers

Thieves have been installing copying devices at gas pumps and ATMs for years: They tamper with card readers to install skimmers that copy your card data when you swipe it, so a thief takes your credit or debit card information while you complete an otherwise routine transaction. Experts advise you look closely at card readers for signs of tampering, use ATMs serviced by your bank and check your card activity regularly for signs of fraud.

That’s really the best way to combat credit card theft: Watch closely for it. With online banking and mobile applications, it’s easy to check your accounts every day, making it more likely you’ll spot something out of the ordinary than if you only looked at card activity once a week or so. You can also check your credit score for sudden changes, which can be a sign of fraud or identity theft. You can get two of your credit scores for free every 30 days on Credit.com.

MONEY state of the union

What Every Consumer Should Know Before Watching the State of the Union

State of the Union address 2014
Jonathan Ernst—Reuters

A sneak peek at what Obama’s State of the Union ideas could mean for your wallet.

This year, President Obama broke with tradition and started previewing his State of the Union proposals in the two weeks before the big event. He went to Tennessee to talk about community college, to Iowa to talk about broadband, to the Federal Trade Commission to talk about identity theft, and even to LinkedIn, where his senior adviser published his plan about paid time off.

As a result, we already have a pretty good idea of what we’re going to hear Tuesday night—and what it actually means. Here’s MONEY’s take on Obama’s proposals.

1) Obama wants to raise taxes on the rich and give credits to the less-rich; Republicans say, “Yeah, right.”

On Saturday, the White House announced a proposal to raise the capital gains tax from 25% to 28% and close what’s sometimes called the “trust fund loophole.” Obama wants to use the revenue to create a $500 tax credit for families with two working spouses; expand the credits available to families with children; expand the education tax credit for college students; and force businesses without retirement plans to automatically enroll workers in IRAs. Republicans have said this plan is a nonstarter.

While political observers agree that these ideas stand little chance of becoming law, consider this Obama’s opening argument in the coming debate about tax code reform. Read more >>

2) Obama’s broadband plan might just fix the internet.

Think of it as the internet’s “public option.” Some cities, like Chattanooga, Tenn., have much faster internet than the rest of us. That’s because municipalities have built their own broadband networks to compete with internet providers like Comcast and Time Warner Cable, driving prices down and speeds up.

So why won’t your town do the same? Because it’s often illegal—19 states have laws preventing municipalities from creating their own networks. Obama plans to ask the Federal Communications Commission to override these laws. We don’t yet know if the FCC has the authority to do that, but if it does, Obama’s plan could change the way Americans access the internet. Read more >>

3) You already have identity fraud protection tools that are better than the ones Obama proposed.

Obama’s plans to fight identity theft aren’t nearly as ambitious. First, he’ll call on Congress to pass a new law requiring companies to tell you within 30 days if your personal data is exposed. Second, he’ll call on banks and financial institutions to give you access to your credit score for free.

But that won’t do much to protect your money. Most states already have even stricter laws about security breach notifications, and by the time an identity thief has tanked your credit score, it’s way too late. Instead, you’re better off with the tools you already have: chip-and-signature credit cards and free credit reports. Here’s what you can do today to beef up your fraud protection. Read more >>

4) President Obama will push for paid sick leave and paid maternity leave—but look to your city hall instead.

The United States lags behind the rest of the world when it comes to paid time off: 88% of American workers have no paid family leave, 39% have no paid sick leave, and 15% don’t even have unpaid leave. Obama wants to change that, starting with the Healthy Families Act, a bill that would let workers earn up to seven days of paid sick leave. He also wants to sign a memorandum giving federal workers at least six weeks of paid leave after a child is born.

But listen for more details about his third idea, to help states and towns start their own sick leave programs. Local government has been leading the way on this issue: California, New Jersey, and Rhode Island offer paid family leave, and more than a dozen cities have started offering paid sick days. Change seems more likely at the local level, so what specifically does Obama want the federal government to do? Read more >>

5) There’s not much hope for the free community college plan—but that’s okay.

Obama wants to offer free community college to about 9 million students every year. If you think that sounds great, don’t get too excited. Experts say the plan is dead on arrival—it’s too expensive, Republicans will never support it, and community colleges wouldn’t even be prepared for the influx of students. But there are already a ton of ways to take community college classes for free, or close to it. Read more >>

6) Lower mortgage insurance premiums will save homeowners money. But will that really help the housing market?

The Federal Housing Administration plans to lower government mortgage insurance premiums from 1.35% of the loan amount to .85%. That translates to a savings of about $900 a year. The hope is that will encourage more Americans—especially first-time buyers—to enter the housing market. But there are other reasons why this demographic hasn’t started shopping yet. Plus, Republicans are afraid the change could put more homeowners at risk of default. Read more >>

7) Book your trip to Cuba today.

Here’s the rare foreign policy issue with implications for your spring break: Pack your bags for Havana! While the announcement wasn’t part of Obama’s State of the Union “spoiler” tour, Obama is sure to talk about his decision to reestablish diplomatic ties with Cuba—and new travel rules went into effect on Friday.

Starting January 16, you no longer need a special government license to travel to Cuba, and neither do airlines or travel agents. Since the rules have been loosened, prices are expected to fall—but make your plans before demand picks up. Read more >>

Your browser, Internet Explorer 8 or below, is out of date. It has known security flaws and may not display all features of this and other websites.

Learn how to update your browser