Don’t Let Your Cash App Get Hacked. Cybersecurity Expert Tips to Safeguard Your Money

If the latest Cash App data breach freaked you out, you’re not alone.

The peer-to-peer payment platform and its parent company, Block, failed to safeguard unauthorized access to Cash App customer accounts in 2022. In return, Cash App agreed to a $15 million class-action settlement. While that’s a step in the right direction, it didn’t calm my nerves about the app’s security, especially since it was an internal move. So I reached out to a cybersecurity expert to find out how to better protect myself.

“One of the biggest problems with money apps like this is their popularity,” said Neal O’Farrell, a digital security expert and CNET Money expert review board member. “Hackers follow the crowds, and the more people use these apps, the more time criminals will spend trying to exploit them.”

Cash App actually has a number of security features. The problem is that while they can help you avoid scams, they won’t always prevent your data from being leaked. O’Farrell noted that even the best privacy protections can be neutralized by an insider with access, which is exactly what happened in Cash App’s case. 

Whether you’re looking to avoid financial scams on Cash App or want some options for protecting your sensitive information once it’s been leaked, here are six security steps we recommend you do alongside claiming any settlement money you’re owed.

Read more: Cash App Customers May Be Eligible for $2,500. Here’s How to Claim Your Money

Secure your sign-on

By default, Cash App makes signing in more secure by sending a code to your phone number or email address every time you sign in. But there’s a catch — you’ll need to manually sign out of your account after logging in, otherwise, you’ll be able to access your account from your phone without a code. I’ve signed out and been able to sign back in without a code, which could be a problem if someone gets your phone and accesses the app. To be on the safe side, I’d recommend logging out when you’re done making transactions. 

You can use two-factor authentication as a second layer of protection for your account, but you’ll need to download a separate app, like Google Authenticator. 

Turn on Cash App’s ‘security lock’ feature

To prevent hackers from trying to withdraw money from your account or request money from your friends and family, you can create a security lock for your transactions. By turning this feature on, you’ll be required to provide your fingerprint, face ID or a specific passcode every time you want to send or transfer money. I tested this feature on my own Cash App account and it takes less than a minute to set up. You can find it under the Security & Privacy tab. Here are the steps to enable security lock. 

Monitor your transaction activity

Beyond protecting your data, it’s important to pay attention to your account’s activity. Under Cash App’s ‘Notifications’ tab, you can enable push alerts to receive text messages and emails about your transactions. This way, you can keep track of all of your payment activity and keep an eye out for anything suspicious.

Don’t send money to anyone you don’t know

From romance scams to tax scams, there are a lot of ways fraudsters may try to trick you into sending them money through Cash App or other payment apps. Experts recommend never sending money to people you don’t know and verifying their phone number or email address before hitting send. If you accidentally send money to the wrong person or find out you were scammed on Cash App, banks often won’t refund your money.

O’Farrell recommends being skeptical of any messages you receive through payment apps. He commonly sees scams where someone might pose as a friend and ask for money or may say you owe them money. Others might try to steal access to your app and money by asking you to verify your security code so they can fix a security issue with your account. 

A few features can help you weed out who you’re sending money to. Cash App’s Incoming Requests option found under the Security & Privacy tab will only allow you to send money to your contact rather than anyone on the app. You can also prevent others from finding your Cash App account by turning off the “$CashTag Cash.app” feature from the same security tab. 

“Use all the security options they offer, even if it slows transactions down a little bit,” O’Farell said. “You’ll be thankful that you did.” 

Read more: Don’t Fall for These 9 Venmo, Cash App and Zelle Scams

Make sure your email address is protected

If you use your email address to log into Cash App, make sure it’s protected by turning on two-factor authentication. This will require you to provide a code each time you log into your email. While this extra step may slow you down slightly, it will also make it harder for scammers to access your email and get into your Cash App account.

Get alerted to breaches faster with identity theft protection

Identity theft protection is the best way to find out if your information has been leaked in data breaches. Although it won’t prevent your data from getting on the Dark Web, ID theft services can alert you sooner if your data has been compromised and can walk you through next steps, such as changing the exposed password or freezing your credit.

ID theft protection also usually comes with credit monitoring to alert you of any new accounts in your name so you can take action sooner.

Curious about ID theft protection? Aura is CNET’s top pick for keeping your data safe.