How to safely share your credit card information [Tips from an IT Support Company]

by Jon Lober | NOC Technology

7 steps to minimize risk when sharing your credit card number.

No method of sharing your credit card information is completely safe, in fact, we strongly discourage it. However, we also understand that unique circumstances arise, and you may need to quickly improvise in the absence of the ideal.


Such a situation will inevitably leave you asking, what is the safest way to share credit card details with family members or a colleague in a pinch? Before we answer that question, a few warnings are in order.


1. Only share credit card information when absolutely necessary. If you can personally make direct payment, you should make every effort to do so. This limits the propagation and distribution of sensitive details.

2. Make absolutely sure that the requestor is someone you trust. Scammers often use social engineering techniques to deceive their victims into believing that they are someone else. If you receive a request for private information via email or text from someone purporting to be a personal acquaintance, always call them directly to verify that Uncle Joe is indeed Uncle Joe.


3. Assume that hackers can read your emails and SMS texts. Sadly, email and SMS texts are no longer trustworthy mediums. MFA (a.k.a 2FA) or passkeys can improve the security of your account, but you should consider any unencrypted communications as "public knowledge."


How to share your credit card information (relatively) safely.

Rampant cybercrime, data breaches, and hackers threaten any modern mode of communication. However, there are a few steps that you can take to minimize becoming a statistic in the second most common form of identity theft in the United States.




  • 1. Wait to send information until the recipient is ready to use it.

    Minimize the amount of time that your credit card information exists outside of your wallet. Do not send information in advance of the time of payment.

  • 2. Make sure that multi-factor authentication (MFA or 2FA) is enabled on any accounts that you will use to send sensitive information.

    MFA is the most effective way for most average users to secure their accounts. This is especially important for any channels that may contain sensitive information. Do not overlook this simple, but critically important step.

  • 3. Split up your credit card number, and send it through two separate channels.

    In order to use your credit card, a cybercriminal needs your full name, physical address, credit card’s number, its CVV (security code), and its expiration date. For safety's sake, you should assume that any capable hacker already knows your full name and address. You can complicate a thief’s schemes by splitting your credit card number into at least two chunks and sending it through two different channels separate from your CVV and expiration date. 

  • 4. Send one half of your credit card number through an encrypted communication application.

    Although email and text are convenient, they are also easy targets. Simjacking, common malware, or cell network hackers can easily compromise standard SMS texts. Emails are even more vulnerable. Encrypted communication applications like Signal, Telegram, and WhatsApp offer secure end-to-end communication that are far less likely to be hacked; Signal is widely recognized as the most secure.

  • 5. Send the other half of your credit card information through email in a password protected Word document.

    A password protected Word document uses encryption to lock away any sensitive information. If possible, call your recipient on the phone to verbally communicate the document’s password. If you cannot, send them the password in a medium other than email.

  • 6. Call your recipient to verbally communicate the CVV and expiration date.

    Verbal communication can foil many common hacking tactics. If you cannot call, send the information via text. Although phone calls and texts are less secure forms of communications, your CVV and expiration date are useless to a cybercriminal without your credit card number.

  • 7. Immediately delete any record of your card information.

    All of the secure messaging apps listed above have an option to delete the message for both the sender and recipient. Once your recipient has confirmed that they have made successful payment, delete the relevant messages for both of you. Delete any emails from your “Sent” folder and from the trash. Delete any texts that you have sent. Ask your recipient to do the same with their received messages and to destroy any physical notes that they may have taken.


What not to do when sharing credit card information.

Several common mistakes can put your payment information at high risk. Make sure to avoid them.


1. Do not send all payment information through the same communication channel. When you share your credit card information in a single channel, you are placing all of your cyber eggs in one basket. Never send your information through a single method.


2. Do not clarify any confusion or requests via written communication. If your recipient needs to clarify any details during the process, do so via phone call. If a hacker happens to have compromised one of your accounts (or one of your recipient’s accounts), they may try to get you to share additional information with them through that channel. Clarify any confusion via phone call with your trusted recipient. If if it feels like overkill, confirm their identity through a personal question that a hacker would not be able to answer. (E.G. Where's the last place we met for lunch? How many kittens did your neighbor's cat have yesterday? You get the idea.)


3. Do not leave credit card information stored in accounts after you have communicated it. Even if your account is not compromised at the time of communication, any future hacks could take advantage of details that you have left in your account. Always thoroughly delete any records of credit card information.


Do you need help protecting your small business from digital threats?

If you do not know where to start, we want to help. We offer free, no-commitment, one-time consultations with our SMB tech experts to small business owners and IT personnel. Just let us know what your concerns are, and we can explain some of your options. Even if you just want to run an idea by us, we are here to help. Just click the button below to schedule a slot in our team's calendar.



Schedule a Free Consult
clicking a phishing email can make you feel sick

What if I clicked on a phishing email?

By Jon Lober 28 Oct, 2024
Just a quick refresher— what is email phishing? Phishing is a type of cyberattack where attackers try to trick you into giving away sensitive information—like passwords, credit card numbers, or even access to your business’s network— by pretending to be someone you trust . These emails often look like they’re from legitimate companies, like your bank, a well-known retailer, or even someone within your own organization. The goal? To get you to click on a malicious link or download an attachment that can compromise your system. Sometimes, the emails are obvious fakes, but other times, they can be extremely convincing, making it crucial to stay vigilant.

Think like a hacker

By Jon Lober 23 Oct, 2024
Looking for weak points could save your business.
what should i do with phishing emails

What to do with Phishing Emails

By Jon Lober 22 Oct, 2024
and w hat if I clicked the link?
More Articles
Share by: