As a general rule, before I enroll any card for piggybacking, I'll turn on all the alerts and notifications and limits I can. I've never had an AU + fraud related issue yet, but I figure it can't hurt and might help.
I second that. I also use two-step verification on all accounts, and a recovery email account with very complex passwords which I only use as recovery accounts for banking - not any other types of accounts/subscriptions/services, etc.... The recovery email account is NOT connected to my banking as a recovery account, only to the primary email which I use solely for banking. As much of a hassle as it is to enter a code every single time I enter a banking app I've never had a genuine fraud problem.
Great tactics here! Thanks! This is unbelievable but this guy got in and changed my address, phone number, and email address for a 3rd time and requested a card to be sent! I called CapitalOne's fraud department and asked how this could possibly happen for a 3rd time and they think he has enough information about me to bypass the standard log-in to the account. I was able to place a lock on the online access to the account which cannot be unlocked unless I call and go through verifications. They also suggested I place a fraud alert on my credit report. If I place a fraud alert, will it have any effect on AUs being added or posted?
Thanks.. Just to clarify, in case I can make it easier to understand:
- I use only one email for all my bank accounts. This email is used for nothing else, ever. Also, 2-factor authentication is enabled here.
- That email mentioned above (which I use for banking only), has a recovery email (in case I lose access to the previous account) which is used for absolutely nothing else than a recovery email - it's not connected in any way to my banking or bank accounts. It uses 2-factor authentication.
By doing those two things, and by setting the two-factor to your phone, you can be pretty secure. Keep the logins for both accounts (and all bank accounts) on paper somewhere. Back up your phone to the cloud - this way, IF, for some reason you lose your phone, you can remotely wipe it (be sure to have that configuration setup & ready too) and still get access your accounts safely from another device.
Do NOT save your banking logins in your phone, or in your laptop/desktop. Instead, use fingerprint/facial recognition for them on mobile and enter them manually if you do it by laptop/desktop. Yes, it's a pain in the ass as I said, but you drastically decreased the chances of being hacked AND if you lose your phone, there is a lot less potential that you'll need to close accounts, which will affect your active tradelines when you have to cancel them because all your accounts were hacked and you require new cards & card numbers, etc...
Even without tradelines, it's something that everyone should practice. Nobody wants their $ messed with, and in the age of technology and scamming it's just too risky to not have these things in place. Even if you're extremely careful, without these measures in place you greatly increase your risk of a problem at some point or another.
It's a hassle when you're in a rush to constantly do 2-factor, but the extra time it takes offers a lot of peace of mind.