1. Banking: Introduction
  2. Banking: Why Use a Bank?
  3. Banking: How to Choose a Bank
  4. Banking: Check-Writing 101
  5. Banking: Making Deposits
  6. Banking: Debit Cards and ATMs
  7. Banking: Managing Your Checking Account
  8. Banking: Savings Accounts 101
  9. Banking: Basic Banking Precautions and Safeguards
  10. Banking: Online and Mobile Banking Precautions and Safeguards
  11. Banking: Conclusion

If you bank online – or through your smartphone or tablet – you can be an easy target for hackers. To improve your odds of outsmarting them, follow these guidelines.

1. Don’t use a jailbroken mobile device for online banking.

When a mobile has been unlocked to give it access to a wider range of apps and customization, some security safeguards are disabled. The operating system is not as secure as the OS on an unmodified device.

2. Only download mobile banking apps from your device’s official app store.

Use the Google Play store for Android devices and the App Store for Apple devices when downloading mobile banking apps. Only use your bank’s official mobile app.

3. Never bank online over public WiFi.

If you're using public WiFi, you shouldn't log in to your bank account (or any other password-protected site, including your email account) because the network’s security is questionable. About 25% of consumers aren’t taking this simple precaution, according to the Federal Reserve’s most recent Consumers and Mobile Financial Services survey from March 2016.

While websites that begin with HTTPS offer some protection, it is easier for someone to steal your login details when you’re on a public network, even a paid public network such as those in airports and on airplanes. Only use online or mobile banking apps in public if you know how to set up a virtual private network with a reputable provider or if you can use your wireless carrier’s secure cellular network. 

4. Memorize your login information.

If you have your login name and password written down anywhere, you're at risk of someone stealing it. If someone breaks into your house and you have the information filed away, it might be stolen. If you email your login information to yourself and the security of your email account is compromised (and email isn’t very secure to start with), your information can be stolen that way.

If you're worried you'll forget your login information, write down some hints to yourself that will help you remember it but that a third party won't be able to decipher. Better yet, use a reputable password manager such as LastPass or Dashlane. Keep in mind that it shouldn't be too difficult for you as the legitimate account holder to recover a forgotten password and/or username by contacting your bank, so it's not the end of the world if you forget your login credentials.

5. Disable automatic login and extended login.

If your mobile banking app or bank website offers to keep you logged in for an extended time, disable this feature. Do the same if the app or your browser offers to remember your login details. You only want to be logged in for the few minutes when you’re actually using the app or website, and you don’t want anyone else who gets on your device to have easy access to your account.

6. Use complex login credentials and two-factor authentication.

Internet security professionals recommend using complex usernames and passwords that include some combination of symbols, numbers and upper- and lowercase letters. As well, you shouldn't use dictionary words or anything that would be easy to guess (so don't use your home address as your online banking password). Avoid using the same password for multiple accounts; use a completely unique login and password for your online and mobile banking activities. Enabling two-factor authentication or two-step verification for websites and apps that offer it can protect you further by requiring you to not only enter your username and password, but also enter a unique code that is sent to your mobile device.

7. Password-protect your phone and your computer.

According to the same Federal Reserve survey mentioned above, 30% of consumers still aren’t password-protecting their smartphones. Again, use a complex password that’s unique to each device. Make it more difficult for thieves to access your accounts if your device is lost or stolen.

8. Make sure your home network is secure. 

The best place to log in to your bank account is from home – unless your home network is not secure. If you don't have a firewall and antivirus software that you update regularly, and if you don't practice safe browsing habits, your home network may be compromised. This may make it easy for hackers to steal your information.

Many routers that come from internet service providers are not as secure as you might think. You can improve your router security in a few ways. The best is to purchase your own router, but if that isn’t an option, you can at least change the router’s default password (the password that appears on a sticker on the bottom of the router).Use the WPA2 protocol for your WiFi password and create a strong password with at least 20 characters that consists of numbers, letters and symbols.

You can also create a guest network for friends and family to use when they visit you; taking this precaution will help protect your network in case their devices are infected. You should also change your wireless network’s default name so hackers won’t know which type of router you have. Use a generic name that doesn’t personally identify you. Heimdal Security has more easy-to-follow tips on securing your home network.

9. Be careful with email.

If you receive an email that appears to be from your bank and asks you for any personal information such as your account number, debit card number, PIN, login ID or password, you can bet it's from someone who wants to compromise your account. Banks do not send emails asking for personally identifying information. You should also not download attachments from emails that are supposedly from your bank, nor should you click on links in such emails.

Even if you think you've received a routine email, such as one notifying you that your monthly statement is available, don't click on any links in the email. It only takes an extra few seconds to open a new browser tab or window and go directly and safely to the bank's website. Bookmarking your bank’s official website can also help keep you secure when banking online; sometimes scammers create look-alike websites at commonly mistyped URLs to capture unsuspecting customers’ login credentials.

10. Beware mobile phishing scams.

Similar to email phishing scams, if you get a text message that is supposedly from your bank and that asks for your PIN or other sensitive information, do not respond and do not click on any links in the text message.

(For further reading, see Tips For Keeping Your Financial Data Safe Online.)

11. Limits on What You Can Protect 

Even if you do everything within your power to protect your account security, you can still become a victim. Many major security breaches have occurred in recent years where criminals have stolen payment and account data from retailers and banks. You can’t prevent such attacks from happening because they are usually the fault of the merchant, one of the merchant’s third-party processors, computer theft, human error or a malicious insider. Here are a few of the big banking and debit card-related data breaches that have occurred in recent years:

Home Depot: In 2014, 40 million Home Depot customers had their payment card data stolen by hackers. (For more, see Home Depot Pays Another $25M for 2014 Data Breach.)

Target: Thieves stole debit card, credit card and personal information on Target customers in late November and early to mid-December 2013. (Learn more in Target Faces Yet Another Lawsuit Over Data Breach.)

JPMorgan Chase: 76 million households and 7 million small businesses were affected by stolen user names, addresses, phone numbers and email addresses in a 2014 cyberattack.

And then, of course, there was the 143 million customer breach at Equifax in October 2017 (see Was I Hacked? Find Out If the Equifax Breach Affects You.) For more examples, see  Wendy’s Breach Worse Than Previously Thought.

12. What to Do If Your Account Is Compromised 

If you are the victim of a data breach, the compromised company will usually notify you in writing (though some states don’t require this) and explain what data has been compromised.

If your debit card number was compromised, request a new debit card from your bank and create a new PIN when you activate it.

If your bank account will remain open, check your account activity daily for signs of fraud.

If your bank account number was compromised, you’ll need to close your bank account and open a new one – a major pain, but a good opportunity to review your banking needs and consider switching banks.

Keep an eye out for phishing scams related to the breach. If you get an email or text message that appears to be related to the breach, don’t click on any links, respond to requests for personal information or download email attachments. Visit the website of the company that experienced the breach to get the latest information on how the company is handling the breach and the steps you may need to take.

Also, keep an eye on your credit reports in case anyone tries to open a fraudulent account in your name using the stolen data.

Scambusters offers additional tips on what to do if you’re been a data breach victim.

 

That's it:  You've reached the end of our banking tutorial. In the final section, we'll summarize what you've just learned.


Banking: Conclusion
Related Articles
  1. Insights

    How to Protect Your Assets From Cyber Thieves

    Taking these precautions can keep you a step ahead of identity thieves and fraudsters.
  2. Tech

    Cybersecurity: Stay Safe Online With These Tips

    No one can guarantee that any of us are 100% safe from cyber and identity related crimes, but we can make ourselves less of a target. Here's how.
  3. Financial Advisor

    The Dangers Of Using Personal Finance Apps

    You should think twice before downloading any app that requires your bank account login or other personal information.
  4. Tech

    7 Ways to Protect Yourself From Online Identity Theft

    These seven steps can help protect your online identity from hackers and scammers.
  5. Insights

    Detailed Ways to Protect Digital Data

    Knowing how to protect digital data has become a big concern these days. Here are four easy ways to keep your personal information safe.
  6. Tech

    Cybersecurity: Protect Yourself This Tax Season

    Take a little extra time to review online communications and avoid becoming a cybercrime victim.
  7. Tech

    The Fight For Your Financial Data Is Getting Ugly

    The banks and Silicon Valley are desperate for your data. Here's how to control what they see and use.
  8. Tech

    5 Ways to Avoid Identity Fraud

    Identity theft was the number one consumer complaint in 2014. Here are some ways you can protect yourself.
  9. Personal Finance

    4 Best and Safest Password Manager Apps for 2016

    Find out which password managers are the best at keeping your passwords secure while managing critical data you use in your daily digital life.
Frequently Asked Questions
  1. What Was the First Company to Issue Stock?

    The Dutch East India Co. held an IPO in 1602, making it the first company to issue stock.
  2. When Does a Corporation Decide to Refinance Debt?

    Favorable market conditions or the strengthening of a credit rating may lead to refinancing.
  3. What Is an Odd-Lot Buyback?

    Odd-lot buybacks involve lots of less than 100 shares. Learn how companies get these shares back.
  4. Can I buy a house directly from Fannie Mae (FNMA)?

    Yes, Fannie Mae does sell properties it's foreclosed on; each property is sold in "as is" condition.
Trading Center