NEW YORK - Data
breaches at retailers aren't going away but there are ways
consumers can protect themselves from future heists of their
payment card information.
Home Depot said
Thursday that malicious software lurking in its check-out
terminals between April and September affected 56 million debit
and credit cards that customers swiped at its stores. Target,
Michaels and Neiman Marcus have also been attacked by hackers in
the past year.
are likely. The Department of Homeland Security Department
warned last month that more than 1,000 retailers could have
malware in their cash-register computers.
Here are five
ways to protect yourself:
ANOTHER WAY TO PAY
Try newer ways
to pay, such as PayPal or Apple Pay. "Any technology that
avoids you having your credit card in your hand in a store is
safer," says Craig Young, security researcher for software
maker Tripwire. Those services store your credit card
information and it's not given to the retailer when you make a
payment. Many big retailers, including Home Depot, accept PayPal
at their stores, but many others don't. Apple Pay, which was
only introduced this month, has even more limitations: It is
available in just a small number of stores so far and only
people with an iPhone 6 can use it.
cards or apps, such as the ones used at coffee chains Starbucks
and Dunkin Donuts, are also a safer bet, says Gartner security
analyst Avivah Litan. That's because they don't expose credit
card information at the register.
2. SIGN IT,
DON'T PIN IT
planning on paying with a debit card, sign for your purchase
instead of typing in your personal identification number at the
cash register. You can do this by asking the cashier to process
the card as a credit card or select credit card on the display.
Not entering you PIN into a keypad will help reduce the chances
of a hacker stealing that number too, Young says. Crooks can do
more damage with your PIN, possibly printing a copy of the card
and taking money out of an ATM, he says. During Target's breach
last year, the discount retailer said hackers gained access to
customers' PINs. Home Depot, however, said there was no
indication that PINs were compromised in the breach at its
3. BEWARE OF
After big data
breaches are exposed, and get a lot of media attention, scammers
come out of the woodwork looking to steal personal information.
Some emails may mention Home Depot or offer free credit
monitoring, but you should never click on the links. Many are
for fake sites that try to steal bank information or passwords.
"Avoid these entirely," Young says. If an email looks
credible, go to Home Depot's site directly instead of clicking
4. KEEP UP
card statements every month for any unauthorized charges. And
keep an eye out for smaller charges. Thieves will charge smaller
amounts to test to see if you notice and then charge a larger
amount later, Litan says. They may also steal a small amount
from millions of accounts, scoring a big payday, she says.
And check your
credit report for any accounts that crooks may have opened in
your name. Credit reports are available for free, from each of
the three national credit reporting agencies — Equifax,
Experian and TransUnion — every 12 months from
AnnualCreditReport.com. Home Depot is also offering free credit
monitoring and identity protection services to customers.
Customers can go to the company's website for more information
or call them at 800-466-3337.
5. GO OLD
Use cash. When
possible, the safest bet is to not swipe a card at all. Even if
security gets stronger at stores, hackers are likely to figure
out a way around it. "It's always a cat and mouse
game," Young says.