Here's a statement of the obvious: The opinions expressed here are those of the participants, not those of the Mutual Fund Observer. We cannot vouch for the accuracy or appropriateness of any of it, though we do encourage civility and good humor.
Support MFO
Donate through PayPal
Writing checks can be risky. Here's how to protect yourself.
"American consumers and businesses wrote 11.2 billion checks in 2021, far fewer than the 42 billion written at the start of the century. Despite the rapid decline, check fraud is exploding — costing financial institutions billions and throwing many check writers’ finances into disarray."
"After my colleague Ron Lieber and I wrote about rising check fraud, worried readers wrote to us with questions: Is there a safer way to write checks when we must? What about digital payments — aren’t they susceptible to fraud, too?"
I've been really happy with so-called "gel" pens- they write like a ballpoint but glide much easier over the paper. I've had very decent handwriting and printing ever since the mechanical drawing classes in high school, but of course that has deteriorated somewhat with advanced age. Enter gel pens! Major restoration in my handwriting/printing... looks very decent again.
I seldom write checks anymore. My average annual number of checks has been ~6 the past few years (property tax, vehicle registration, dentist). An online bill payment platform is used to make the vast majority of payments. I purchased Uniball "207" gel pens several years ago but am disappointed with their performance - they do not write as smoothly as I would like. I've already implemented most of the practices suggested in the article with the primary exception being taking pictures of checks.
Only visa and amex get paid via transfer internally from the checking acct. to pay the credit card balances. Everything else is done by check. Call me old fashioned. When appropriate, "Deposit Only" gets written on the check. Never make a check to "cash." Often, instead of just the payee's name, I indulge myself: instead of just PAY To The Order of Blue Cross/Blue Shield of MA, I'll write "Blue Cross/Blue Shield of MA Extortionists." They cash it anyway. My fraternity is Mutants For Nukes. The logo is a Happy Face with one ear. Often, I'll put that somewhere on the check. Makes it distinct.
I need to transfer a small amount of money on a monthly basis from my Citizens Bank checking account to a joint account at TD Bank. Believe it or not, they can't do via ACH and the only way it can be done is for Citizens Bank to send a physical check to TD Bank.
Nearly all my bills are paid via credit card autopay (direct or via a 'disposable' virtual credit card with a set limit on it) or direct debit from the bank account - which I regularly monitor to look for anything suspicious. If I do need to write a one-off check, I'll do it online via my credit union's website ... I might write a dozen paper checks a year (if that) these days.
@Observant1: I just re-ordered more Uniball 207s the other day ... great all-round pens!
Good piece. Like others, I write very few checks a year. One for in-office copays to a medical specialist who charges extra for credit cards. I hand the other checks to service providers in my home - for heater repairs and the like. Nothing goes by mail. Bill payments are via ACH.
How do people handle QCDs? They can often go electronically directly from the IRA custodian. But then there's the risk that you won't get an acknowledgment (needed for tax purposes) from the charity. You can have your custodian mail you a check payable to the charity that you then remail to the charity. Two mailings for a single check. Double the risk.
If I can break even or come out ahead (cash rebates), I make payments by credit cards - automatically (monthly fees) if possible, manually if necessary. I keep a small separate account around for ATM withdrawals and for providers who insist that they pull payments from a bank account.
And then there's T. Rowe Price, that tries to transfer cash from other institutions by paper check (see my TRP thread). Just like Mona's TD Bank. Some things you just can't control.
It all comes down to a person's attention to their respective risks and steps taken to mitigate them. I for one have never known anyone who had their bank account drained due to a check writing issue, but do know someone who had theirs drained via debit card fraud, having not recognized or notified their bank of the loss for over 60 days.
Debit card fraud According to the EFTA, your potential liability for fraudulent debit card transactions is virtually unlimited. You have up to 60 days to report a lost or stolen card under the EFTA. After that, you simply lose whatever money was taken, even funds siphoned from linked accounts. The exact liability limits under the EFTA are:
Lost or stolen card reported before unauthorized transactions: zero liability.
Lost or stolen card reported within two days: $50 liability limit.
Lost or stolen card reported within 60 days: $500 liability limit.
After 60 days: no protection.
It's important to note that if your card is not physically lost or stolen, you have 60 days to report fraudulent transactions with zero liability. If only your card number is stolen, the 60 days start from the date of the statement on which a fraudulent transaction appears.
@Stillers: Yep. And I think that also applies to direct-debit from companies to your account, such as what utilities and mobile phone companies are doing nowdays.
On my to-do list is to create a new 'clean' bank account that is not linked anywhere for direct-debit and use that to automatically move X amount of money into my existing checking account each month to cover such direct-debit payments ...I'm a firm believer in compartmentalization as a way of reducing risk, albeit at the expense of some added complexity in an already-complex world.
I did have a credit card / debit card linked checking account “cleaned out” one time by unknown person(s). Fortunately the balance at the time wasn’t high. I did suspect it was carried out by an employee of a local newspaper which had monthly “auto-bill” (credit card function) enabled. But no way to prove it. Wasn’t worth pursuing as the bank made me whole. Albeit - The bank was aware at the time of security flaws in their system which was later upgraded.
Like others, I write fewer now - about a quarter the number of checks today than decades ago. Only to parties I have an established relationship with like physicians. You can buy “security checks” from W-Mart where I buy mine. They have some special anti-fraud features embedded (and look nicer as well). My Fido mm account has a check writing feature. But only use it on rare occasions - like paying taxes.
I always was told that banks only applied reimbursement for fraud as a "courtesy" and were not required to. Glad to hear about EFTA
I never use a debit card for any automatic transactions, and I am always concerned that the one I have is online at PayPal. But the account it is linked to only has a few hundred bucks in it, and does not link to other accounts.
I always was told that banks only applied reimbursement for fraud as a "courtesy" and were not required to. Glad to hear about EFTA
I never use a debit card for any automatic transactions, and I am always concerned that the one I have is online at PayPal. But the account it is linked to only has a few hundred bucks in it, and does not link to other accounts.
I'm almost entirely cashless and never use my debit card for anything except MAYBE an annual ATM run to grab cash to have around the house for emergencies, tips, or such ... it's sitting in a drawer somewhere until needed. But banks love to encourage people to use debit cards vs credit cards for a variety of reasons, but the consumer protections are vastly different between 'debit' and 'credit' cards.
Debt card is at Schwab & I try to carry less than $1k in account. It seems to me I once paid my CC bill twice. That caused Charles to withdraw cash from individual account to cover the auto pay. So if this was a "fraudulent withdrawal", would Schwab be liable for the amount to cover the withdrawal , taken from my individual account ? Let it be known that I wasn't charged for overdraw. Also I was credited by the CC bank.
If this was Schwab Bank, I assume they would be held to EFTA standards, but since you authorized the payment, even in error, they could say Schwab was not responsible.
To me the really scary thing is that they have the ability to automatically pull money out of another account to cover the shortfall.
That is the main reason I don't use debit cards from brokerage accounts. When I have asked I can never get anyone of them to assure me that wouldn't happen. My parents insisted on using a debit card at Merrill Lynch CMA linked to their brokerage account. When I complained the rep ( their personal friend) said the "monitored the account and would not let that happen but could not tell me how they would stop it.
The article doesn't address the security of your bank account information that is stored on many vendors systems. We try to pay every thing by credit card, but our town charges 3% to do so and this forces us to pay tax bills by bank account withdrawal. I don't save bank account information on these web sites unless forced to and then it is again with an account that has a small balance.
The other thing to check is what accounts your bank account is connected to for transfers. All of our transfers originate with the brokerage account, so hacking the bank would not allow someone to clean out our stock account.
We also have split our brokerage accounts up between Schwab, Fido and Vanguard
In reading all of the above commentary I still find myself wondering what payment method is really "safe"?
We have never used a debit card, except on European vacations for local cash withdrawal. Lucky there- never had a problem.
All credit card debt is paid in full each month. Over the years we have had a couple of instances of credit-card fraud/theft, which were caught quickly and caused no loss on our part.
Some entities have recurring permission to bill to a credit card account. No entities have permission to withdraw directly from a bank account.
Being very old-fashioned, my wife still pays virtually everything by credit card or checks, mailed directly from within the post office. If a check was stolen, at would have to be at the delivery end, which at least cuts the theft location opportunity in half. Checks are written with gel pen, as recommended by security organizations. The checks themselves, from Schwab Bank, have a security indicator which changes color if exposed to at least some types of tampering.
Given the fact that the value of the checks can vary so dramatically from month-to-month, I need to keep a substantial amount of money in the Schwab checking account, which would seem to be our most vulnerable point for fraud/theft. Not too sure what can be done about that, though. I do check the Schwab checking account balance every few days just to keep an eye on things.
It seems as if every permutation of payment systems has some sort of potential weakness.
Agree with @stiller on debt card. Electronic theft is not talk about enough. Thieves often set up “skimmer” on card readers outside the stores such as gas stations, and get the card numbers from the credit cards or debit cards. Knew someone who had their checking account emptied, and there is little recourse from the bank. At least with credit card, one can start to dispute the charges, and the card company has to verify the alleged charges are legitimate. Otherwise, the risk is on them.
In the past we have had our credit cards compromised (not sure how). The credit card company informed us, freeze the card, and send us new ones.
We use very few checks these days when paying bill through ACH is much easier (and cheaper). Dropping off the mail into the mailbox minimize the risk of stolen mails.
"Dropping off the mail into the mailbox minimize the risk of stolen mails"
@Sven - be aware that in a number of major city locations, including the San Francisco Bay Area, thieves have acquired keys to many of the local drop-off mailboxes. They have sometimes obtained these keys by armed holdups of mailmen on their routes, and there is a thriving underground business in the supply and duplication of these keys.
That is why we only drop off checks within the Post Office itself.
"Dropping off the mail into the mailbox minimize the risk of stolen mails"
@Sven - be aware that in a number of major city locations, including the San Francisco Bay Area, thieves have acquired keys to many of the local drop-off mailboxes. They have sometimes obtained these keys by armed holdups of mailmen on their routes, and there is a thriving underground business in the supply and duplication of these keys.
That is why we only drop off checks within the Post Office itself.
I recently read a blurb about this type of activity (don't recall if it was S.F. area). It seems like almost nothing is absolutely safe nowadays. Darn criminals!
After reading this thread I called my bank to talk about lowering POS and ATM limits on my Schwab Bank debit card. The rep volunteered that writing checks gives potentially bad actors access to your name, address, routing and account number. More reason not to write checks,,,, even if you drop them off inside the post office.
And using any other method simply gives potentially bad actors access to other points of vulnerability.
As I said above- In reading all of the above commentary I still find myself wondering what payment method is really "safe"?
So maybe someone should lay out a real clear comparison summary of the major ways to pay your bills with some sort of grading system indicating relative safety. Beyond my pay grade.
Glad to see several others recognize the high risks of debit cards.
Bottom Line per my nephew who was a VP of a local bank: "The riskiest card by far you will likely ever carry in your wallet is a bank debit card."
Along with ONLY using a debit card for ATM transactions, one very effective control we've used for them for many years (and I HIGHLY recommend to all readers here) is an email (or text I would guess) notification of ALL debit card transactions immediately upon occurrence. The bank we use allows customers to set a dollar limit for that control, which we set at $1. It has been our experience that our bank has never missed one of these notifications - I go to an ATM and w/d $200, an email pops into my Inbox. After the fact, but at least immediate notification!
We have alerts set at one cent on all our accounts with emails and texts. Works great. Texts come in before you leave the store.
It is funny because years ago we got a second credit card to use "only online" with a lower credit limit than our primary card, thinking online transactions were more risky.
In the decade plus since, that "online only" card has never been compromised but our primary card gets a fraudulent transaction at least every couple of years. I guess from skimmers. The Visa people don't care, just send us a new card.
Once I bought some wine at a local store with another card I use only a couple of times a year and then within 24 hours there was a fraudulent charge.
Thinking it had to be an employee at the store, I called Visa and told them to investigate and call the cops. They said it was cheaper just to send me a new card.
My main debit card that I use all over the world for cash only is Schwab. It has everything I need, see https://thetravelfolk.com/no-atm-fees-the-charles-schwab-debit-card/ In the last several years, I hardly use cash because I can use Google pay + credit cards + Zelle, Paypal, and Venmo for the rest.
Comments
(But I refuse to surrender my ball-point pen!)
My average annual number of checks has been ~6 the past few years (property tax, vehicle registration, dentist).
An online bill payment platform is used to make the vast majority of payments.
I purchased Uniball "207" gel pens several years ago but am disappointed with their performance -
they do not write as smoothly as I would like.
I've already implemented most of the practices suggested in the article with the primary exception
being taking pictures of checks.
@Observant1: I just re-ordered more Uniball 207s the other day ... great all-round pens!
How do people handle QCDs? They can often go electronically directly from the IRA custodian. But then there's the risk that you won't get an acknowledgment (needed for tax purposes) from the charity. You can have your custodian mail you a check payable to the charity that you then remail to the charity. Two mailings for a single check. Double the risk.
If I can break even or come out ahead (cash rebates), I make payments by credit cards - automatically (monthly fees) if possible, manually if necessary. I keep a small separate account around for ATM withdrawals and for providers who insist that they pull payments from a bank account.
And then there's T. Rowe Price, that tries to transfer cash from other institutions by paper check (see my TRP thread). Just like Mona's TD Bank. Some things you just can't control.
https://www.techchecks.net/resources/debit-card-or-check-which-one-is-safer
It all comes down to a person's attention to their respective risks and steps taken to mitigate them. I for one have never known anyone who had their bank account drained due to a check writing issue, but do know someone who had theirs drained via debit card fraud, having not recognized or notified their bank of the loss for over 60 days.
https://www.nerdwallet.com/article/credit-cards/credit-card-vs-debit-card-safer-online-purchases
Excerpt BOLD added:
Debit card fraud
According to the EFTA, your potential liability for fraudulent debit card transactions is virtually unlimited. You have up to 60 days to report a lost or stolen card under the EFTA. After that, you simply lose whatever money was taken, even funds siphoned from linked accounts. The exact liability limits under the EFTA are:
Lost or stolen card reported before unauthorized transactions: zero liability.
Lost or stolen card reported within two days: $50 liability limit.
Lost or stolen card reported within 60 days: $500 liability limit.
After 60 days: no protection.
It's important to note that if your card is not physically lost or stolen, you have 60 days to report fraudulent transactions with zero liability. If only your card number is stolen, the 60 days start from the date of the statement on which a fraudulent transaction appears.
On my to-do list is to create a new 'clean' bank account that is not linked anywhere for direct-debit and use that to automatically move X amount of money into my existing checking account each month to cover such direct-debit payments ...I'm a firm believer in compartmentalization as a way of reducing risk, albeit at the expense of some added complexity in an already-complex world.
Like others, I write fewer now - about a quarter the number of checks today than decades ago. Only to parties I have an established relationship with like physicians. You can buy “security checks” from W-Mart where I buy mine. They have some special anti-fraud features embedded (and look nicer as well). My Fido mm account has a check writing feature. But only use it on rare occasions - like paying taxes.
I always was told that banks only applied reimbursement for fraud as a "courtesy" and were not required to. Glad to hear about EFTA
I never use a debit card for any automatic transactions, and I am always concerned that the one I have is online at PayPal. But the account it is linked to only has a few hundred bucks in it, and does not link to other accounts.
Let it be known that I wasn't charged for overdraw. Also I was credited by the CC bank.
To me the really scary thing is that they have the ability to automatically pull money out of another account to cover the shortfall.
That is the main reason I don't use debit cards from brokerage accounts. When I have asked I can never get anyone of them to assure me that wouldn't happen. My parents insisted on using a debit card at Merrill Lynch CMA linked to their brokerage account. When I complained the rep ( their personal friend) said the "monitored the account and would not let that happen but could not tell me how they would stop it.
The article doesn't address the security of your bank account information that is stored on many vendors systems. We try to pay every thing by credit card, but our town charges 3% to do so and this forces us to pay tax bills by bank account withdrawal. I don't save bank account information on these web sites unless forced to and then it is again with an account that has a small balance.
The other thing to check is what accounts your bank account is connected to for transfers. All of our transfers originate with the brokerage account, so hacking the bank would not allow someone to clean out our stock account.
We also have split our brokerage accounts up between Schwab, Fido and Vanguard
We have never used a debit card, except on European vacations for local cash withdrawal. Lucky there- never had a problem.
All credit card debt is paid in full each month. Over the years we have had a couple of instances of credit-card fraud/theft, which were caught quickly and caused no loss on our part.
Some entities have recurring permission to bill to a credit card account. No entities have permission to withdraw directly from a bank account.
Being very old-fashioned, my wife still pays virtually everything by credit card or checks, mailed directly from within the post office. If a check was stolen, at would have to be at the delivery end, which at least cuts the theft location opportunity in half. Checks are written with gel pen, as recommended by security organizations. The checks themselves, from Schwab Bank, have a security indicator which changes color if exposed to at least some types of tampering.
Given the fact that the value of the checks can vary so dramatically from month-to-month, I need to keep a substantial amount of money in the Schwab checking account, which would seem to be our most vulnerable point for fraud/theft. Not too sure what can be done about that, though. I do check the Schwab checking account balance every few days just to keep an eye on things.
It seems as if every permutation of payment systems has some sort of potential weakness.
In the past we have had our credit cards compromised (not sure how). The credit card company informed us, freeze the card, and send us new ones.
We use very few checks these days when paying bill through ACH is much easier (and cheaper). Dropping off the mail into the mailbox minimize the risk of stolen mails.
@Sven - be aware that in a number of major city locations, including the San Francisco Bay Area, thieves have acquired keys to many of the local drop-off mailboxes. They have sometimes obtained these keys by armed holdups of mailmen on their routes, and there is a thriving underground business in the supply and duplication of these keys.
That is why we only drop off checks within the Post Office itself.
It seems like almost nothing is absolutely safe nowadays.
Darn criminals!
As I said above- In reading all of the above commentary I still find myself wondering what payment method is really "safe"?
So maybe someone should lay out a real clear comparison summary of the major ways to pay your bills with some sort of grading system indicating relative safety. Beyond my pay grade.
Bottom Line per my nephew who was a VP of a local bank:
"The riskiest card by far you will likely ever carry in your wallet is a bank debit card."
Along with ONLY using a debit card for ATM transactions, one very effective control we've used for them for many years (and I HIGHLY recommend to all readers here) is an email (or text I would guess) notification of ALL debit card transactions immediately upon occurrence. The bank we use allows customers to set a dollar limit for that control, which we set at $1. It has been our experience that our bank has never missed one of these notifications - I go to an ATM and w/d $200, an email pops into my Inbox. After the fact, but at least immediate notification!
We have alerts set at one cent on all our accounts with emails and texts. Works great. Texts come in before you leave the store.
It is funny because years ago we got a second credit card to use "only online" with a lower credit limit than our primary card, thinking online transactions were more risky.
In the decade plus since, that "online only" card has never been compromised but our primary card gets a fraudulent transaction at least every couple of years. I guess from skimmers. The Visa people don't care, just send us a new card.
Once I bought some wine at a local store with another card I use only a couple of times a year and then within 24 hours there was a fraudulent charge.
Thinking it had to be an employee at the store, I called Visa and told them to investigate and call the cops. They said it was cheaper just to send me a new card.
https://thetravelfolk.com/no-atm-fees-the-charles-schwab-debit-card/
In the last several years, I hardly use cash because I can use Google pay + credit cards + Zelle, Paypal, and Venmo for the rest.