The information provided on this website does not, and is not intended to, act as legal, financial or credit advice. See Lexington Law’s editorial disclosure for more information.
You’re probably familiar with that suspicious feeling of someone looking over your shoulder. But you tell yourself there’s no harm in someone being a little nosy, right? Unfortunately, someone can tell a lot from looking over your shoulder—including your passcode, Social Security number and debit card PIN.
This practice of looking over someone’s shoulder to steal personal information is called shoulder surfing. Keep reading to learn more about how this happens and how to protect yourself from potential criminals.
Shoulder surfing is the act of peering over someone’s shoulder while they’re entering personal information—like a PIN or password—in public. It’s a practice commonly used by identity thieves to ascertain login credentials that are then used for scams, fraud and other criminal activity.
The practice of shoulder surfing began with telephone booths as people would enter credit card information or their PINs on the keypad. It then spread to other areas with keypads, such as ATMs and gas pumps.
Today, shoulder surfing is even more common due to the prevalence of smartphones, tablets and laptops. Identity thieves have mastered the art of subtle observation and keen listening, and they may even record people on a smartphone from a distance to review the footage later.
The fact is, shoulder surfing may occur anywhere groups of people are gathered. A NYU Tandon School of Engineering survey found that 73 percent of mobile device users had observed someone else’s PIN—although malicious intent was not always indicated.
Knowing which situations surfers take advantage of can help you stay vigilant and make safe decisions, whether you’re using mobile banking apps or trying to pay a bill over the phone.
Shoulder surfers may obtain sensitive information when people are doing any of the following:
Shoulder surfing is a unique threat, but it can be easily prevented with proper security measures. Most Americans don’t know they’ve been affected by a data breach, and many still make crucial financial security mistakes, so adequate awareness is key. Consider the following safety precautions to stave off sneaky shoulder surfers.
Use long PINs and passwords with a mix of uppercase and lowercase letters, numbers and symbols. Consider using a secure password manager that stores login information automatically, reducing the need for manual entry. Whenever possible, use biometric authentication like facial recognition or fingerprint readers.
Position yourself strategically when entering sensitive information. For example, if you’re in a high-traffic area like an airport, sit with your back to the wall to mitigate the possibility of someone peering over your shoulder. If you’re entering a PIN, cover the keypad with one hand while typing with the other. Additionally, consider a privacy screen filter for your computer or laptop, which prevents wandering eyes from reading your screen.
Forms of contactless payment—most notably, Apple Pay, Android Pay and Google Pay—add another form of security to your transactions because they don’t require you to enter a PIN or swipe a card.
Avoid over-the-phone transactions that require you to speak or enter account information in public. When asked to share your Social Security number or account number in public—like with a bank teller—write it down instead of saying it out loud. Then, ensure the paper is shredded immediately after use. If you’re ever suspicious of why you’re being asked for sensitive information, ask. It may not be necessary.
Two-factor authentication (2FA) helps protect your accounts even if unauthorized users gain access to your password. If you’ve enabled 2FA, it will send a one-time code to you via text or email if someone tries to log in to your account. If someone gets the login information for your banking app, they’d also need access to your texts or email to log in.
Always enable this feature so you’ll know right away if someone else tries to access your accounts. If you ever receive a notification that someone is trying to log in, change your password immediately.
According to our millennial spending habits survey, 91 percent of millennials prefer shopping online. While encryption has made public networks safer, online shopping is still not risk-free. Approximately five percent of the top 10,000 HTTPS websites have security flaws that make them vulnerable to criminal hacking. To be safe, ensure any transactions you make in public are on a cellular data connection.
Shoulder surfers may misuse your sensitive financial information to make purchases using your account. Depending on the amount of information gathered, they may even open a new account or take out a loan in your name.
If an identity thief runs up your credit card or exceeds the limit before you can catch it, it may cause your credit utilization to increase, which may hurt your credit.
If the identity thief applies for new credit cards or loans, this would likely cause new hard inquiries to appear on your credit reports. Your score could take a hit if there were multiple hard inquiries within a short period.
If the criminal fails to make payments on your stolen credit account—which is likely—then your credit could see a serious dip until you can clean up your report.
Shoulder surfing is a concern because most people won’t realize someone has their information or password. This means it could take longer for the victim to realize if the shoulder surfer gains access to their accounts or banking information.
Shoulder surfing is a tactic identity thieves can use to get control of your accounts to steal your identity.
When it comes to avoiding identity theft and fraud, staying alert is crucial. If you suspect you have fallen victim to shoulder surfing, check your bank statements for any unusual activity. You may also want to review your credit report for any inaccurate information that could negatively impact your credit—even if it wasn’t your fault.
Lexington Law Firm can help you challenge questionable negative items on your credit report. Explore credit repair options to get your finances back on the right path.
Note: Articles have only been reviewed by the indicated attorney, not written by them. The information provided on this website does not, and is not intended to, act as legal, financial or credit advice; instead, it is for general informational purposes only. Use of, and access to, this website or any of the links or resources contained within the site do not create an attorney-client or fiduciary relationship between the reader, user, or browser and website owner, authors, reviewers, contributors, contributing firms, or their respective agents or employers.
The credit card approval process can take anywhere from a few minutes to 30 days,…
Once you confirm the amount you owe, you may be able to negotiate your credit…
The Consumer Credit Protection Act is a piece of legislation that protects consumers in the…
Saving for a rainy day is an important part of financial stability. Learn how to…
Learn all the different ways you can pay off your student loans so you can…
Does refinancing your mortgage hurt your credit? It can be an issue. Discover why this…