If you were surprised by the recent Cash App data breach, you’re not alone.
The peer-to-peer payments platform and its parent company, The Block, failed to protect against unauthorized access to Cash App customer accounts in 2022. In return, Cash App agreed to a $15 million class-action settlement. While this is a step in the right direction, it didn’t ease my concerns about the app’s security, especially since it was an internal move. So I reached out to cybersecurity experts to find out how I could better protect myself.
“One of the biggest problems with these money apps is how popular they are,” says Neil O’Farrell, a digital security expert and member of CNET Money’s expert review board. “Hackers follow the crowd, and the more people who use these apps, the more time criminals have to try to exploit them.”
Cash App does have a number of security features. The problem is that while they help avoid fraud, they don’t necessarily prevent data leaks. O’Farrell noted that even the best privacy protections can be disabled by insiders with access, which is exactly what happened in Cash App’s case.
Whether you want to avoid financial fraud on Cash App or you need options to protect sensitive information that has been leaked, here are six security steps we recommend taking when claiming for a settlement that is owed to you.
Read more: Cash App customers may be eligible for $2,500. Here’s how to get your money.
Sign on safely
By default, Cash App makes signing in more secure by sending a code to your phone number or email address every time you sign in. But there’s a catch: you need to manually sign out of your account after logging in, otherwise anyone can access your account from your phone without a code. I was able to sign out and sign back in without a code, but this could cause problems if someone gets hold of your phone and accesses the app. To be on the safe side, I recommend logging out when you’re done with your transactions.
You can use two-factor authentication as a second layer of protection for your account, but it requires downloading a separate app like Google Authenticator.
Turn on the Cash App’s “Security Lock” feature
To prevent hackers from withdrawing money from your account or asking for money from friends and family, you can put a security lock on your transactions. When you turn this feature on, you will need to enter your fingerprint, face ID, or a specific passcode every time you send or transfer money. I tested this feature on my Cash App account and it takes less than a minute to set up. You can find it under the Security & Privacy tab. Here are the steps to enable security lock:
Monitor your trading activity
In addition to protecting your data, it’s also important to keep an eye on your account activity. In the Notifications tab of Cash App, you can enable push alerts to receive text messages and emails about your transactions. This way, you can keep track of all payment activity and monitor for anything suspicious.
Don’t send money to people you don’t know
From romance scams to tax scams, there are many ways scammers try to trick you into sending them money through Cash App and other payment apps. Experts recommend never sending money to people you don’t know and to verify the recipient’s phone number or email address before hitting send. If you accidentally send money to the wrong person or find out you’ve been scammed through Cash App, your bank often won’t give your money back.
O’Farrell recommends being suspicious of messages you receive through payment apps. It’s common for scammers to pretend to be friends and ask for money or tell you that you owe them money. Others may ask you to verify a security code to resolve security issues with your account, in an attempt to steal your access to the app and your money.
A few features allow you to narrow down who you can send money to. The “Request to Send” option in Cash App’s “Security & Privacy” tab allows you to send money only to your contacts, rather than to anyone on the app. You can also prevent people from finding your Cash App account by turning off the “$CashTag Cash.app” feature from the same security tab.
“Take advantage of all the security options that are offered to you, even if it means transactions are a little slower,” O’Farrell says. “You’ll be thankful.”
Read more: 9 Venmo, Cash App, and Zelle scams you shouldn’t fall for
Make sure your email address is protected
If you use an email address to log into Cash App, make sure it’s protected by turning on two-factor authentication, which requires you to enter a code every time you log into your email. This extra step may cause a slight delay, but it makes it harder for scammers to get access to your email and into your Cash App account.
Identity Theft Protection Detects Breaches Early
Identity theft protection is the best way to find out if your information has been exposed in a data breach. While identity theft protection services can’t stop your data from ending up on the dark web, they can provide early warning if your data has been compromised and guide you through next steps, like changing compromised passwords or freezing your credit.
Identity theft protection also usually comes with credit monitoring, which alerts you if any new accounts are opened in your name so you can take action sooner.
Curious about identity theft protection? Aura is CNET’s #1 choice for keeping your data safe.
