Protecting Yourself from the Latest Cyber Scams

August 30, 2023 — Sam H. Fawaz

Technology is ever-changing, and so are cybercriminals’ strategies.

What can you do to help prevent yourself from falling victim to new and trending scams? Read on to stay up-to-date on the latest cyber threats and ways to avoid them. 

1. Vishing and Voice Clone scams

Vishing, known as “voice phishing,” is a tactic where scammers leverage automated, computer-generated voice messages to call people and build trust in an attempt to obtain personal information. 

Vishing attacks are becoming more sophisticated as emerging artificial intelligence (AI) tools allow scammers to create audio content that can clone the voices of friends and family members.

If an alleged friend or family member calls frantically asking for money, hang up and call the person directly. You could also create a “safe word” that only you and your close family know. Should you ever receive a desperate call, you can quickly verify the validity with the safe word.

2. Phone scams: Smishing, SIM Swapping and OTP Bots, Contest or Crypto scams

We rely on our smartphones for almost everything. Unfortunately, there are more than a few ways scammers can reach unsuspecting victims through their smartphones. 

Cybercriminals are always looking for new ways to go “phishing” for your personal information. When tried and true methods grow tired and easy to spot, they’ll often shift their approach. Their latest tactics? Text message and social media scams.

Smishing: Smishing, or SMS phishing, is when a scammer sends a text pretending to be from a legitimate company (i.e. USPS, FedEX, etc.) in order to get sensitive information like your credit card or social security number. The text also often has a link asking you to confirm information. If there are typos in the message or if you’re suspicious, never click on the link. 

Fast Fact: Smishing is on the rise, costing victims a significant amount of money. In 2021, consumers lost an estimated $131 million because of SMS phishing attacks.

You may be aware of the security risks involved with phishing scams and clicking unknown URLs in emails, but the dangers are less well known when it comes to texts. Don’t be inclined to trust a text message any more than you do an email. Unfortunately, it’s just the latest trick.

You also need to watch out for job hoaxes, deposit scams and tax fraud.

SIM swapping: Another way hackers can use your phone is by “SIM swapping”. It’s actually similar to the process of getting a new phone and SIM card from your provider. From there, the scammer can get access to multiple accounts by inputting a verification code or starting an account password reset.

Reach out to your mobile phone provider and ask about additional security measures to protect yourself from SIM swapping. 

One Time Password (OTP) bots: Another tactic scammers use is OTP bots, which trick people into sharing authentication codes received by text or email. You might receive a robocall or text from someone posing as a legit company like your bank. 

Remember, no legitimate company will contact you to ask for your username, password or full card number over the phone.

3. Student Loan Payment scams

Scammers can take advantage of those who owe student loans by posing as federal loan servicers or seemingly legitimate businesses. They call and email to offer solutions such as loan consolidation or lower monthly payments. 

As part of the application form to qualify for these services, they might ask for sensitive information like your Social Security number or banking information.

If you receive an unexpected phone call or email from someone who says they’re with your loan servicer, hang up and contact your servicer instead. 

With federal student loan payments resuming in October, student loan payment scams are on the rise. Therefore, I will have a more detailed write-up on student loan payment scams coming in September.

4. Social Media scams

Popular movies and streaming services often depict shocking social media schemes where cybercriminals scam millions from unsuspecting victims. These scams may seem obvious when viewing them on screen — giving you a feeling of immunity against these attacks. But, social media scams can be subtle and difficult to detect, despite becoming increasingly common.

Be extremely wary when people you’re connected to on social networks ask for money through instant message (IM) or email. Fraudsters have been known to hack social networks and assume the identity of real users, then send messages to their contacts stating the person has been robbed or is stranded somewhere and needs you to wire money in order to get home.

If you receive one of these requests, contact the person by phone and verify the request is real.

5. Investment, Contest or Crypto scams

Illegitimate contests, prizes and early investment opportunities are often at the center of crypto scams. They often target people who have already fallen for a crypto scam, so don’t let yourself be a repeat victim. They may offer you a refund if you pay an upfront fee or for access to your crypto wallet. 

If you hear about an investment opportunity that sounds too good to be true, it’s wise to think twice.

6. Digital Payment App scams

Third-party payment apps are convenient but beware of scammers when using them. While you can usually contest an illegitimate payment with your bank, it’s much more difficult to get a refund from a payment app.

Some common scenarios include accidentally overpaying, fake fraud alerts as well as phishing emails or texts. If you get a message that looks like it’s from a payment app, verify it by logging into your account through the app or website.

While it may be convenient, you should think twice before using payment apps while you’re connected to public Wi-Fi. These networks often have low security and may leave your personal information vulnerable to hackers and scammers. When you’re on the go, turn off both automatic Wi-Fi and Bluetooth connectivity on your phone to avoid automatically connecting to public Wi-Fi. 

7. Online Marketplace scams

Watch out for similar scams when selling or buying items through sites like Craigslist, Facebook Marketplace or eBay.

When you’re the seller, you might receive a fake payment receipt. Scammers may also overpay for an item you’re selling and then ask for a refund on that amount. When you send it, you may realize you never received their initial payment. Never ship the item until you have confirmation from your bank that payment has been received.

As a buyer, beware of bootlegs or broken items. If a deal seems too good to be true, it usually is. 

8. Work-from-Home scams

These typically start as an ad saying you can make big money working from home. Or maybe after posting your resume on a job search website, you’re contacted by an employer, who wants your driver’s license and bank account numbers before they even interview you.

What happens next? When you inquire about the job, the potential employer might ask for your sensitive personal information and subsequently swipe your identity and/or money.

9. Romance scams

In a romance scam, an unsuspecting person is tricked into believing they’re in a relationship with someone they met online — but in reality, it’s a con artist who often claims, conveniently, they can’t meet up IRL (in real life).

They’ll ask you to wire money for things like plane tickets, surgery or gambling debts. Their hope is that they can rely on the personal relationship they’ve built with you, though fraudulent, to guilt you into helping them in their time of need. 

If you’ve never met someone in real life, you should always view requests for payment and loans as potential red flags.

10. Suspicious “spoofing” Websites

Criminals create fake websites that look like real company websites in order to steal your personal information. Be cautious of links sent to you in emails. Phishing emails and smishing texts include links to these fake sites.

The best way to know that you are going to the real website is to type the URL directly in your browser or use favorites/bookmarks to access the website.

As a rule of thumb, look at the website address to be sure it starts with “https:” before entering personal information on a site. A green security status bar and padlock icon next to the web address are additional visual indicators that confirm you are on a secure site.

For additional protection, activate the additional web protection features of your anti-malware software such as Norton Cybersecurity.

Stay Active, Stay Safe

In addition to these scams, would-be cybercriminals also have more traditional tricks up their sleeves. Help keep yourself protected by remaining vigilant and remembering that if something sounds too good to be true, it usually is. By playing an active role in your safety and cybersecurity, you can stay ahead of even the craftiest of cybercriminals.

Also, don’t hesitate to report a suspected scam: 

  • If you suspect fraud, you can file a complaint with the Federal Trade Commission at reportfraud.ftc.gov.
  • To report suspected identity fraud, report it to identitytheft.gov and the social security administration at 800-269-0271.
  • For Online crime or cyber scams, you can report it to the Internet Crime Complaint Center (IC3) at ic3.gov or the Cybersecurity and Infrastructure Security Agency at cisa.gov/uscert/report
  • For Phishing scams, report it to the National Cybersecurity Communications and Integration Center (NCCIC) at us-cert.gov/report
  • For suspicious text messages, copy the message and forward it to 7726, a centralized spam reporting service among all wireless carriers. 

If you suspect fraud or your credentials are stolen or compromised, change your password(s) immediately. Changing your password regularly to a long and complicated password keeps you one step ahead of the cyber scammers.
 
Most of us become victims of cyber scams because of complacency or laziness. We don’t want to bother with a long or complicated password, we skip the privacy settings on social media sites, we fail to activate two-factor authentication, or we don’t double check our monthly statements and transactions.
 
Unfortunately, getting in the habit of doing all these things on a regular basis is the only way to protect ourselves from potentially expensive losses of money, time and sanity.

If you would like to review your current investment portfolio or discuss any other financial planning matters, please don’t hesitate to contact us or visit our website at http://www.ydfs.com. We are a fee-only fiduciary financial planning firm that always puts your interests first.  If you are not a client, an initial consultation is complimentary and there is never any pressure or hidden sales pitch. We start with a specific assessment of your personal situation. There is no rush and no cookie-cutter approach. Each client is different, and so are your financial plan and investment objectives.

Sources: FTC.gov, Ally Bank, consumerfinance.gov

Posted in Consumer Alert, Elder Care, Financial Planning, General, Identity Theft. Leave a Comment »

Equifax Data Breach Requires Action

September 10, 2017 — Sam H. Fawaz

While most of us have been watching the path of Hurricane Irma, another big news story this past week warrants your attention.  Last week, Equifax announced that a “Cybersecurity Incident” had exposed names, Social Security numbers, birth dates, addresses and, in some cases, driver’s license and credit card numbers, from a whopping 143 million Americans.  We have already received e-mails from clients who have been affected, and expect to receive more since this will likely affect about half of the country.

In fact, this is another massive data breach reminding us how vulnerable we are to thieves seeking our personal information and identity. “Incident” sounds a bit tepid for the magnitude of this particular breach.

Are You Impacted?

To find out if your information has been compromised, check the potential impact on the Equifax website: https://www.equifaxsecurity2017.com/potential-impact/

You should do so for all of your household members, including your underage kids.  In the event that you or one of your family members are affected, Equifax offers to enroll you for free credit monitoring, which they will provide for one year.  I’m generally not a fan of paying for identity theft insurance or credit monitoring services, but there’s no reason not to take advantage of Equifax’s free offer. A credit monitoring service won’t prevent fraud from happening, but WILL alert you when your personal information is being used or requested.  The service includes identity theft insurance, and it will also scan the Internet for use of your Social Security number—assuming you trust Equifax with this information after the breach.

It may take a few weeks before the service becomes effective.  In the meantime, I recommend you plan to monitor transactions on your bank accounts and credit cards.  The credit card companies typically do a pretty good job of catching fraudulent activity quickly and shutting it down, but your own diligence is essential.

Unfortunately, the free credit monitoring service has issues.  According to credit expert John Ulzheimer “You’re only going to get it free for one year” and chances are, your liability is going to last longer. Additionally, it “only applies to your Equifax credit report, and not your credit reports at Experian and TransUnion. That’s like locking one of the three doors to your house.”

I suspect that once the extent of the breach is ultimately revealed, Equifax will highly likely extend the free credit monitoring service period.

How Are YDFS Clients Protected?

Withdrawing funds from a custodian (such as Charles Schwab) account is not possible simply with your login.  This set-up provides higher security than a retail bank or other brokerage account, where a thief could hack your username/password and access your funds.

Without signed documentation and verbal confirmation, funds withdrawn from custodian accounts can only be sent via check to the address of record on the account, or via an electronic transfer to a bank account that has been authorized with previously signed documentation. All wire transfer requests require verbal confirmation before any funds leave your account.

Also, all withdrawals from custodian accounts are seen on the same or next business day by your YDFS team so we can be on the lookout for unusual activity.

If You’re a Victim of Identity Theft

If you’re a victim of this (or any) breach, here’s what to do. The whole process takes about an hour to complete:

  • Contact one of the three credit bureaus Equifax (800-766-0008), Experian (888-397-3742) and TransUnion (800-680-7289) to put a free fraud alert on your credit report. Under Federal law, each is obligated to notify the other two. The alert makes it harder for an identity thief to open more accounts in your name, but experts note that alerts usually just slow down the process of criminals opening accounts in your name; they don’t prevent it. The alert lasts 90 days, but you can renew it, and the alert entitles you to a free credit report from each of the three companies.
  • File a complaint with the Federal Trade Commission and print your Identity Theft Affidavit. Use that to file a police report and create your Identity Theft Report.
  • Place a credit-freeze on your credit file, which generally stops all access to your credit report. Unfortunately, you need to contact all three companies to freeze your file. Here are the links: Equifax; ExperianTransUnion. Important note about a freeze: If you need to access credit, you have to unfreeze your records, which can take a few days. The availability of a credit freeze depends on state law or a consumer reporting company’s policies. Some states charge a fee for placing or removing a credit freeze, but it’s free to place or remove a fraud alert. You can sometimes get this service for free if you supply a copy of a police report (which you can probably file and obtain online) or affidavit stating that you believe you are likely to be the victim of identity theft.
    Another advantage: each credit inquiry from a creditor has the potential to lower your credit score, so a freeze helps to protect your score from scammers who file inquiries.

Best Practices to Employ

According to pros like Ulzheimer and professional hacker Kevin Mitnick, the question is not if your information will be compromised, but when. Criminals are actively stealing your passwords, buying and selling your data and reading your emails. There is no single way to protect your coveted identity, but here are eight best practices to employ to keep the criminals at bay.

1) Protect your information:

  • Refrain from providing businesses with your social security number (SSN) just because they ask for it. Give it only when required. In an antiquated practice, doctors, dentists and some lawyers routinely request your social security number for billing (and collection) purposes. Refuse to do business with professionals who insist on supplying your social security number without a true need to know. Medicare recipients take note: your SSN is printed on your current Medicare card, so be careful with it! The process of changing the cards will take some time, but it is in the works.
  • Don’t give personal information over the phone, through the mail or on the Internet unless you have initiated the contact or you know with whom you are dealing. This is especially important to communicate to older relatives or friends, who are prime targets of fraudsters.
  • Beware of over-sharing on social media, where criminals are finding treasure troves of information. Because they are explicitly targeting children under the age of 18, it’s important for parents to talk to their kids and explain why it is so dangerous to share too much personal information online. Share your vacation photos & experiences AFTER you’ve returned home.
  • Update your passwords so they are difficult to hack. NY Daily News found the top ten worst passwords to include: 123456, password, baseball, football, etc. Others have started to use encrypted password managers where you enter one login/password and they manage all your other passwords for you.
  • Review your banking transactions online or on your statements to look for transactions you didn’t make. Report any suspicious activity to your bank promptly.

2) Protect your Password: You know the drill; you should be changing logins and passwords every few months, and sign up for two-factor authentication (where your cell phone is your 2nd device used to authorize access) for those sites that are used frequently.

3) Shop carefully: Stop sending your credit card information over unsecured wireless networks, and when making purchases, use a credit card, which has more fraud protections under federal law than debit cards or online payment services. Free (public) Wi-Fi hotspots are prime targets for banking and credit card information theft. Never do your personal or business banking over these hotspots.

4) Review credit card statements: Before you pay, be sure to spend a few minutes to verify that there are no fraudulent charges. While you’re at it, enroll in your credit card’s notification program, where the company alerts you to charges over a set amount.

5) Review your (and your kids’, for reasons mentioned above) credit report (free) every 12 months at annualcreditreport.com. You want to make sure that nothing fishy has cropped up. If you find an error, report it immediately and stay on top of the process.

6) Protect your Social Security account from identity theft by claiming your record at https://www.ssa.gov/myaccount/. Two-factor authentication will prevent others from attempting to steal your social security identity and records. Do it before they do.

7) Avoid maintaining large balances in checking or savings accounts with a debit card attached: Keep larger account balances in brokerage accounts or accounts without debit and/or check writing features.

8) Opt out of pre-approved credit card offers: ID thieves like to intercept offers of new credit sent via postal mail.  If you don’t want to receive pre-screened offers of credit and insurance, you have two choices: You can opt out of receiving them for five years by calling toll-free 1-888-5-OPT-OUT (1-888-567-8688) or visiting www.optoutprescreen.com. Or you can opt out permanently online at www.optoutprescreen.com.  To complete your request, you must return a signed Permanent Opt-Out Election form, which will be provided after you initiate your online request.

It’s important to remember that breaches like these have happened before and will happen again.  Taking preventative measures like those listed above limit the potential damage of such events.  Please contact us if you have any further questions or concerns regarding this topic.

If you would like to review your current investment portfolio or discuss any other financial planning matters, please don’t hesitate to contact us or visit our website at http://www.ydfs.com. We are a fee-only fiduciary financial planning firm that always puts your interests first. If you are not a client yet, an initial consultation is complimentary and there is never any pressure or hidden sales pitch. We start with a specific assessment of your personal situation. There is no rush and no cookie-cutter approach. Each client is different, and so is your financial plan and investment objectives.

Posted in Financial Planning, General, Identity Theft, retirement planning. Tags: , . Leave a Comment »

In The Land of Password Management, RoboForm is King

September 24, 2010 — Sam H. Fawaz

Over the years, I’ve made tens of “Cool Tools” presentations (and the like) around the country and the list of tools has varied widely as time went by.  While many of the tools make it into my presentations once or twice within a span of a few months, one staple that continues to garner the largest audience interest is an inexpensive password manager and form filler known as RoboForm.  It continues to surprise me how many people still aren’t using one of these great productivity boosters.  If you’re not taking advantage of a password manager in this internet age, let me tell you that you’re wasting precious time and probably taking unnecessary security risks.

I’ve been a user of RoboForm for several years now.  In fact, I first reviewed and raved about RoboForm in an article published a few years ago.  RoboForm remains my number one must-have application on every computing platform I own or use regularly and it is the first application I install when I move to a new operating system or get a new device.  While there are several password managers out there, both free and paid versions, nothing I’ve tried comes close to the versatility and power of RoboForm.  It cannot be ignored that, in this day and age of key loggers and identity theft, having a secure repository of personal information is essential.

I decided to review the current beta 7.0 version of RoboForm since it’s the first real upgrade in recent years.  Actually, it’s not a major upgrade; it’s more of a renovation.  I’ve been using the latest version for a couple of months now and I like the new features and enhancements.

Background

For those of you that are new to password management programs and form fillers, here’s a little background on their capabilities:

As time goes by, we accumulate more and more user ID’s, passwords, secret questions and phrases, software installation keys, personal identification information, credit card and bank account numbers, website addresses, secret notes, etc. (need I say more?), all of which we need to store and retrieve securely.  While a variety of methods have been devised and employed to accomplish this task, most are barely secure and totally inconvenient or incompatible with the wide variety of devices and platforms currently available.  RoboForm aims to be your single and most secure repository to store all this information within (yet another) master password protected and encrypted database.  Think of RoboForm as your hardened safe to store all this info which can only be opened with the correct combination (i.e., the master password).

In addition, many applications, web sites and other secure network gateways require us to change our passwords periodically and utilize strong replacements with a variety of formats and requirements.  Thinking of and remembering these changing passwords can drive one crazy and, as a result, many of us resort to easy-to-hack passwords and storage methods just to keep us sane.  RoboForm steps up here with a powerful password generator that meets a variety of criteria required by the site or the application.

Getting Started and Working with RoboForm

Downloading and installing RoboForm version 6.x (a free trial version good for storing up to 10 passwords is available at http://www.roboform.com) is quick and quite easy.  Whether you’re using Internet Explorer, Firefox, Google Chrome or one of the many available mobile platforms, RoboForm integrates nicely and stands ready to store your user ID’s, passwords and other personal data each time you access a site.  The only thing you need to get started is to specify the master password to be used to lock all of your secret information once RoboForm starts memorizing.  Naturally, with a variety of military strength encryption schemes (no fewer than five encryption algorithms are available) to secure your database, you don’t want to forget the master password once you’ve specified it.  Even RoboForm technical support will not be able to figure out your password if you forget it.  And of course, your master password should be very strong and long because it unlocks your most valuable data: your personal information and passwords.  RoboForm stores all of this securely and locally, unless you decide to use RoboForm online (discussed below.)

Visit a web site, enter your user ID and password and, depending on the options you specify, RoboForm will pop up and offer to store them in what’s called a “passcard.”  The passcard is capable of storing numerous fields.  So, if you need to enter more than just two pieces of information to log in, RoboForm can handle the job.  If you are setting up your online access for the first time, RoboForm helps you generate and store a password based on a variety of security criteria, characters, length, etc.  Thereafter, whenever you visit that site, RoboForm will offer to fill in the user ID, password and other information assuming that you’ve unlocked the database with the master password.  One available setting determines how much time you have before the master password “times out” and is required to be re-entered.  This way you don’t have to enter it each time you summon RoboForm to populate your login information or web-based form.  Since you don’t have to subsequently type in the secure information, key loggers installed without your knowledge cannot capture your valuable data.

The other powerful capability of RoboForm is an online form filler.  When you set up RoboForm, you have the option to set up profiles with your name, address, phone numbers, credit card numbers, banking information, etc.  Anytime you encounter an online form for e-commerce or other sites, RoboForm will pop up and offer to populate the relevant information on the form.  If you set up multiple profiles (e.g., one for home, one for work, one for your spouse), you can choose amongst them, choose amongst credit cards to use or choose which address to use.  This is a huge time saver since RoboForm’s built-in intelligence is programmed to recognize and remember the most common field types used on the web.  To the extent that it doesn’t, you can right-click on the form and have RoboForm save the form information for future use.  I find this capability quite handy for repetitive surveys over time, forms that require shipping and billing data, and sites that request recurring demographic data.

Have you ever been frustrated after spending a lot of time on a site completing an online form or long text box and then find out that the site timed out or couldn’t save your info?  You’ll find that saving the data in RoboForm first before submitting it can save you quite a bit of aggravation.  Just bring up the page again and let RoboForm re-populate it.

RoboForm can also securely save and store free-form bits of information known as “safenotes.”  I’ve used safenotes to store software installation keys, combinations for safes and locks, Wi-Fi network names and keys, PIN’s, frequent flier numbers, and other confidential personal or financial information.

As mentioned above, RoboForm is available on most computing and mobile platforms including the PC, iPhone, Windows Mobile, Palm, BlackBerry, Android, and Symbian.  A version known as RoboForm2go works on a USB thumb drive and enables you to plug in and out of any PC without having to install the program and move your passwords onto someone else’s PC.  Another available piece of software, known as GoodSync, keeps your RoboForm information synchronized between different platforms and locations.

RoboForm Online

Over the past year, RoboForm has been beta testing a version of RoboForm online which optionally allows you to synchronize your passcards and safenotes to a secure server.  Accessing these very secure items online requires you to register with and to log into the site (free) with a secure password.  Actually opening the secure items prompts for your RoboForm master password to be entered, thereby enabling two levels of password security.  This service has been a godsend for me on numerous occasions where I was away from my PC and didn’t have my laptop or RoboForm2go USB thumb drive with me when I needed a login ID and password.  The site functions much like the desktop version of RoboForm and assists you with automatically logging into sites that you’ve saved in RoboForm.

RoboForm Online gives you the added flexibility of synchronizing your passcards and safenotes over the internet across multiple devices.  This is a very powerful and much needed capability, though I can understand many people’s hesitation to surrender and trust their most sensitive passwords and personal information to a third party server.  My only comment is that RoboForm has the highest levels of security and encryption implemented and, with two levels of password protection, I feel reasonably secure about putting my data out there.  Besides, your online ID’s and passwords are by definition already stored on many servers in the cloud which can be equally hacked by determined thieves, albeit one at a time.

Version 7 Enhancements

One of the most significant enhancements in this version 7.0 beta is the capability to save and fill ID’s and passwords in Windows (WIN32) applications, not just online passwords.  In addition, when saving an online form, the details are now displayed for you so you know exactly what is being saved.  Furthermore, this occurs in a non-obtrusive tool-bar rather than the old pop-up box, thereby streamlining the web browsing experience.  Logging into widely known and popular websites automatically downloads site icons to make the related passcards more visually appealing and easier and faster to recognize.

Another significant enhancement for devices equipped with a fingerprint reader is the capability to enter the master password via a finger swipe.  The fingerprint device stores your master password in a secure area on the device.  This secure area becomes accessible to RoboForm only after you slide your finger and it is then authenticated against the fingerprint stored on the device.

A release date for version 7 has not yet been announced.

RoboForm Criticisms

RoboForm is not without its shortcomings and share of quirks.  For example, more and more sites are switching to an Adobe Flash version of their login screen to raise security.  RoboForm cannot currently handle most of these sites.  On those sites, you have to perform a manual RoboForm lookup and type in your ID and password yourself.

On some sites, such as American Express, RoboForm inexplicably stops working properly. This requires you to have RoboForm fill out the form (but not submit it) and then you manually click on the submit button.  In this case, you can re-memorize the site information in RoboForm and fix the problem for future visits.

As sites become more sophisticated with additional levels and types of authentication (e.g., captchas, pointing and clicking your PIN on an onscreen keyboard à la ING Bank, rotating challenge questions, etc.), this renders RoboForm unable to do anything more than show you your credentials to be manually entered.  I’m not sure how or if RoboForm can be enhanced to overcome and automatically populate these additional safeguards, but it sure would be nice if they figured out a way to do so.

Whenever you change the master password, your passcards and safenotes should inherit and respond only to the new password.  However, I’ve had a few occasions where a passcard would only open up with the old password.  Finally, I’ve had occasions where I’ve had to inexplicably remind RoboForm where my data directory resided.  Fortunately no data has ever been lost.

Options & Recommendations

The paid version of RoboForm, known as RoboForm Pro, is about $30 for the first license and less for additional licenses.  An enterprise version is available and significant discounts are available for large license purchases.  During various holidays throughout the year, a 20% discount can be found on the website.  Even without the discount, for this price, you can count on saving yourself tons of frustration and aggravation compared to using manual or spreadsheet password management and form filling.  Buying multiple licenses at the same time (whether or not on the same platform) will likely save you money compared with buying them over time.

I also highly recommend the powerful GoodSync software if you plan to sync your data or files across multiple platforms or devices.  GoodSync is one of the most powerful file synchronization tools available and is also one of my most frequently used cool tools to keep data in sync.

For those who prefer free versions of password management tools, of course the Internet Explorer and Firefox password stores are available, though they are significantly less capable than RoboForm.  The popular open-source password manager applications KeePass and LastPass are also free but, in my opinion, not as convenient as RoboForm.  If you’d like additional information about password managers including the five most popular ones, visit http://lifehacker.com/5042616/five-best-password-managers.

I welcome your feedback and questions about RoboForm or other password managers. Please feel free to write me at shf@ydfs.com.

Sam H. Fawaz, CFP®, CPA works with Y.D. Financial Services in Canton Michigan and Franklin Tennessee and has been helping clients with financial planning and financial planners with technology solutions for over 20 years. He has been writing about tax, financial planning and technology solutions for over fourteen years.  He can be reached via e-mail at shf@ydfs.com or at (734) 447-5305 with any questions.  You can follow Sam on Twitter at http://twitter.com/themoneygeek or at his blog at http://themoneygeek.com.  His company website is at Y.D. Financial Services, Inc.

Posted in Consumers, Identity Theft, Technololgy. Tags: , , , , , . 3 Comments »