10 Things Investors Should NEVER Tell Anyone (Attorney Explains)

If a stranger can guess your email, your phone, and one personal detail, they can walk right into your life.

In nearly three decades as an attorney, I’ve watched scams, identity theft, and lawsuits begin the same way. Someone shared information they didn’t think mattered.

So let’s build what I call a privacy firewall. Below are ten things you should never share. And if you want to hear examples and what to say instead, watch the original video first.

What Is A “Privacy Firewall,” & Why You Need One?

A privacy firewall is a simple rule that keeps strangers from collecting enough information to impersonate you, access your accounts, redirect your money, or target you and your family.

Most criminals don’t use force. They exploit the information you leave exposed.

What Investor Information Shouldn’t Be Shared?

Never share any sensitive information like your full Social Security Number (SSN) or your business Entity Identification Number (EIN).

Your SSN is the master key to your life: loans, credit reports, retirement plans, tax filings, etc. If someone gets it, they can do real damage that you’ll spend years cleaning up.

Request a free consultation with an Anderson Advisor

At Anderson Business Advisors, we’ve helped thousands of real estate investors avoid costly mistakes and navigate the complexities of asset protection, estate planning, and tax planning. In a free 45-minute consultation, our experts will provide personalized guidance to help you protect your assets, minimize risks, and maximize your financial benefits. ($750 Value)

Speak With an advisor

Should You Share Login Information?

Never share:

  • Passwords
  • 2FA codes (including “one-time” text codes)
  • Push approvals you didn’t request
  • Reset links
  • Crypto seed phrases
  • Private keys
  • Authenticator export QR codes

Any one of these can result in a complete account takeover of all your financial details. That’s why I call them “skeleton keys.”

I’ve seen this happen even in trusted relationships. Someone hands a security key to a bookkeeper “for convenience,” only to get drained.

Instead:

  • Use a password manager for unique, long passwords.
  • Lock down your primary email and your recovery email.
  • Store seed phrases offline.
  • If you get an unexpected 2FA prompt, deny it and immediately change passwords from the real site (not the link you were sent).

What Financial Account Information Should You Never Share?

Never share your financial data:

  • Bank accounts and details
  • Brokerage and retirement accounts
  • Life insurance details
  • Wire instructions
  • Voided checks
  • Crypto wallet address

Wire fraud is nasty because it happens quickly and is hard to reverse. I had a friend who received what appeared to be a routine request for wiring instructions from a borrower. It came from the correct email, but the borrower had been hacked. The criminals copied old wiring instructions and simply swapped routing/account numbers.

Instead, verify wiring instructions by calling a known number, not the number in the email.

What Personal Information Should Not Be Shared?

Never share any personal identifier from a government agency, like your driver’s license or passport numbers. 

Those documents can be used to bypass “know your customer” checks. With an ID image, your name, and your address, a fraudster can open accounts or take over existing ones through recovery processes.

Instead:

  • Upload IDs through secure portals.
  • Watermark copies.
  • Treat your ID like credit card numbers or house keys: Share rarely, and assume any copy can be forwarded or stolen.

Security risk: Be careful with the cloud; hackers can easily access identifying information from uploaded pictures and documents.

What Personal Birth Information Should You Never Share?

Don’t share your full legal name, date of birth, or place of birth.

It sounds harmless, but together it becomes a powerful identity fingerprint. Data brokers and scammers can stitch together your addresses, relatives, and employment history. They’ll use that for social engineering or account recovery.

Instead:

  • Remove birthday visibility on social media.
  • Avoid posting “born in ___” details.
  • Share the minimum only through secure channels.
woman looking up information

What Is Your “Recovery Chain,” & Why Should You Keep It Private?

Your recovery chain is the combo of your:

  • Primary email address
  • Phone number that receives phone calls with reset codes
  • Backup recovery email that can reset the primary

If someone controls one link, they can often reset everything you own.

Instead:

  • Don’t use your banking email/phone publicly.
  • Use separate emails for newsletters, public pages, and signups.
  • Remove old phone numbers and old recovery emails.
  • Turn on new device/login alerts.
  • Review active sessions monthly.

What Security Question Answers Should You Never Reveal?

Never share real answers to security questions.

Those are backdoor passwords, and they’re often guessable from social media.

Rather, use fake answers and store them in your password manager. Your first car can be “GeorgeJetsonBlimp.” The point is: it’s unguessable.

What Home & Family Details Should You Never Share Online?

Never share your:

  • Address for your primary residence
  • Daily routines
  • Upcoming travel plans
  • Interior home photos
  • Photos of personal property
  • Kids’ information

If you post “I’m leaving for Maui for two weeks,” you just told the world your house is empty. If you post home interiors, thieves can study what you have and how your home is laid out.

And kid identity theft is real. There’s a dark trend in which scammers prey on kids they believe are from money.

Instead:

  • Post travel photos after you return.
  • Use cameras, alarms, and a decoy presence.
  • Use a PO box to avoid mail pileups.
  • Keep your family member’s info off public profiles.

What Should You Assume About Anything You Say Or Write?

Assume if you say something in a text, email, DM, or “private” message, it won’t stay private. I’ve heard more incriminating bragging by executives than I care to remember. It doesn’t help them later when negotiations get tense or disputes arise.

Rule: If you don’t want it repeated, don’t say it or write it down.

What Financial “Brag” Details Should You Never Share?

Don’t share any income or financial information. It puts a bullseye on your back. Scammers tailor attacks to the size of your accounts.

Lawyers and opportunists look for deep pockets. 

Counterparties adjust pricing upward. 

And burglars decide whether you’re worth targeting.

Keep your affairs private. Don’t post banking screenshots, disclose balances, or share sensitive legal documents.

What Sensitive “Bonus” Information Should You Keep Off The Record?

Be cautious about sharing mental health issues or family problems publicly or casually.

You deserve support—but public disclosure can create unwanted leverage, invite targeted scams, trigger doxing, or complicate disputes.

Ready To Strengthen Your Asset Protection Plan?

Everything you just learned points to one truth: Privacy alone isn’t enough without structure.

Real protection comes from intentional asset protection planning—the kind that limits what’s visible, reduces legal exposure, and keeps opportunists from ever finding a target.

In a free 45-minute Strategy Session, we’ll review how your assets are currently titled, where information may be exposed, and which asset protection strategies actually fit your situation. That may include evaluating whether asset protection trusts, privacy-focused entities, or other planning tools make sense for you and your family.

This isn’t a sales call. It’s a working session designed to help you understand:

  • Where your biggest asset protection gaps are
  • How visibility increases legal and financial risk
  • Which asset protection options can reduce that risk before a problem shows up

If staying off the radar matters to you—and protecting what you’ve built does—this is the right next step.