Ten habits that keep scammers out

Phishing messages impersonate people and companies you trust, and one wrong click can drain an account, expose you to identity theft, or install malware. If a message arrives that you weren't expecting, don't click links or accept offers — confirm the source first:

• →Check the sender's address. A fake can differ from the real one by a single character.
• →Hover over any link (without clicking) to reveal the real URL before you trust it.
• →Turn on your email program's spam filters.
• →When in doubt, call the company on a number you look up yourself — never the one in the message.

The same tricks come by text ("smishing"), by phone ("vishing"), and as "spear phishing," where scammers mine your social posts to make a message feel personal. AI tools now let them produce polished, urgent-sounding messages in seconds — so treat urgency itself as a warning sign, not a reason to hurry.

Most banks and providers offer security features that stop a lot of fraud before it starts:

• →Account alerts by text or email, so you hear about transactions and password changes right away.
• →Two-factor authentication — a one-time code sent to your phone or email on top of your password. That one extra step blocks most unauthorized logins.
• →Any extra verification your provider offers, such as voice or app-based approval.

Never share a password — with anyone. Skip anything guessable (1234, birthdays, names) and use long, unique passwords that aren't tied to your personal information. A password manager can generate, store, and autofill a different strong password for every site. Lock your phone, laptop, and tablet too — your devices hold more personal information than anywhere else.

Updates to your operating system and apps usually include security patches for newly discovered weaknesses. Turn on automatic updates wherever you can. And when you retire an old device, run a factory reset first so your personal data goes with it.

The internet connection running your home is easy to overlook. Use a router with strong encryption, and set a strong password on the router itself — plus every internet-connected device you own, from doorbells and TVs to speakers and thermostats. Each unprotected device is another way in.

Scammers can stand up a fake Wi-Fi network named after the airport, hotel, or café you're sitting in. Safer: tether to your phone's personal hotspot. If you must use public Wi-Fi, keep it to harmless tasks like checking scores — never log in to banking, shopping, or other sensitive accounts.

Growing up online doesn't mean understanding the risks. Start early and be honest about what can go wrong — including never sharing their name, school, or address with strangers, and never meeting in person someone they've only known online. Kids are as much of a target as anyone else.

Isolation and a tendency to trust can make older adults a focus for scammers who build a relationship over the phone or online before they ever ask for anything. Frame the conversation without questioning anyone's judgment: talk about the steps you take, not the steps they should take, and offer to be the person they call with questions.

It also helps to set up a trusted contact with their bank — someone the bank can reach about possible fraud, even if a spouse is already on the account.

Sign up for consumer-fraud alerts from the FTC, and check your credit report at least once a year — you're entitled to a free report from each of the three bureaus (Equifax, Experian, and TransUnion) at annualcreditreport.com, where you can dispute anything you didn't authorize. Consider a credit freeze for yourself and your family, which blocks new accounts from being opened in your name without your permission.

If an offer seems too good to be true, it is. No legitimate company will reach out electronically to ask for sensitive personal information — that alone is a red flag. Do what you can to prevent fraud, and be ready to limit the damage if it slips through. A little healthy skepticism is what keeps the technology working for you, not against you.