With an increase in the number of Americans who bank online it is extremely important to do so safely. Identity theft and account hacking are real threats. According to the Federal Trade Commission (FTC) There were over 1 million reports of identity theft in 2022. This included bank fraud.
Banking online is very convenient and receiving your bank statements and other correspondence electronically prevents these documents from being stolen by mail thieves. There are certain precautions you should take when you bank online. These precautions can help to protect you from fraudulent activity.
Use a Strong Password and Use Two-Factor or Multi-Factor Authentication
Choose a strong password for your account and change it frequently. When you change your password also change your security questions. See my article Why you Should Never Use Real Answers to Security Questions
Use a password manager to save your information and to generate a random, secure password. See my article Using a Password Manager
Always use Two-Factor Authentication (2FA) or Multi-Factor Authentication (MFA) this will add an additional layer of security to your account. You will be required to provide a code or some other form of authentication before you are granted access to your account. 2FA requires users to provide exactly two authentication factors, MFA requires users to provide 2 or more authentication factors.
When you use 2FA and MFA you will select where you want the authentication code to be sent. Don’t choose to have the code sent to your email. Email accounts can be hacked and if a cybercriminal has access to your email, they can retrieve the authentication code. Instead have the code sent to your phone or use an authenticator app.
Never write your usernames and passwords down where others can see them.
Choose a Unique Username
Don’t use your email address or your real name as your username. Instead choose something that does not identify you. Using your name or email address makes you more vulnerable to hackers.
Don’t Save your Usernames and Passwords in Your Web Browser
Don’t save usernames and passwords in your browser. Instead type them yourself or use your password manager to login.
Sign Out When You Are Finished
Sign out of your account when you are finished banking.
Set up a Verbal Password or Secret Code
Contact your bank and set up a verbal password or secret code. This is a password or code spoken over the phone when you call your bank which prevents someone else from calling in and accessing your account information.
Never Share Your Personal Identification Number (PIN)
Memorize your PIN and don’t share it with anyone.
Don’t Visit Secure Sites on Public Wi-Fi
Never visit secure websites when connected to public Wi-Fi. Hackers can easily access your computer, tablet or smartphone when you are connected to public Wi-Fi and steal your private information which can include email messages, passwords, credit card information, bank information and any other data on your device.
Secure Your Wireless Network
Be sure your wireless network is secure. See my article on steps to secure your wireless router. Secure Your Wireless Router
If your wireless network is not secure, every device connected to the network is at risk.
Password Protect Your Devices
Password protect your computers, tablets and smart phones. This prevents others from gaining access if your device is lost or stolen. Enable auto-lock so that the screen is locked after a period of inactivity.
Use Antivirus Software
Install antivirus software on all of your devices and keep it updated. Run regular scans to check for malware.
Keep Devices Up to Date
Enable automatic updates on your computers, phones and tablets. Keep not only the operating system updated but also all apps and programs that are installed. Out of date software is one of the ways hackers gain access to your devices. Security updates often include important fixes for operating systems and hardware.
Beware of Phishing, Vishing & Smishing Scams
Phishing is when a cybercriminal sends and email trying to trick you into clicking on a link or providing personal and financial information about yourself.
Vishing is when you receive a phone call, often threatening or intimidating in nature. The cybercriminal tries to pressure you into providing personal and financial information. They often pose as a government agency, police department, the IRS or your bank.
Smishing also known as SMS phishing is a text message sent by cybercriminals trying to trick you into providing personal or financial information. They often pose as a bank or other financial institution. They may send a fraudulent link prompting you to log into your bank account where they steal your username and password.
Don’t fall for any of these tricks. Be cautious of any type of message you receive requesting information. Never log into your bank or any other website using a link sent in an email or text message. Instead login using your password manager or by typing the address yourself.
Install Certified Apps
Install only Apple and Android certified apps on your devices. Third party apps can contain malware, they can steal data, spy on you using your microphone and camera and intercept messages.
Don’t Leave Devices Unattended
Never leave your devices unattended in public settings or leave them in your car. Millions of smartphones, laptops and tablets are stolen every year and very few are recovered. As many as 25% of these devices are stolen from vehicles or during transportation. Keep your devices with you or lock them away.
Turn your Devices Off
A hacker cannot access a device if it is turned off. If you are not using your computer, tablet or phone shut it off.
Don’t Use Links to Logon
Don’t click on links in an email or text message to log into your bank account. Even if the email or text message looks legitimate it may not be and can direct you to a malicious website. Instead type the web address into your browser or connect to the site using your password manager.
Review Bank Statements
Review your bank statements monthly and verify that every transaction is legitimate. If you find anything unusual notify your bank immediately.
Monitor Your Online Accounts Regularly
Log into your bank account regularly to ensure all is well. Look for any debits or transfers you do not recognize. If anything is out of place, contact your bank right away.
Setup Alerts
Sign up for text and email alerts, your bank will notify you when there is activity related to your account, including when a transaction is made, balance alerts, purchase alerts, when unusual activity is detected, when your password changes and when there is an ATM withdrawal or deposit.
Check Your Credit Reports Often
The three national credit reporting agencies — Equifax, Experian, and TransUnion now let you check your credit report at each of the agencies once a week for free. Visit AnnualCreditReport.com to request free copies of your credit reports. Review your reports for any unusual or suspicious activity.
Don’t Use Your Debit Card for Purchases
Instead of paying for purchases with your debit card use a credit card. Credit cards offer much more protection, and they are not tied directly to your bank account. Credit card companies usually block suspicious charges until you confirm they are not fraudulent. Use your debit card for cash withdrawals and your credit card for purchases and bill paying.
The Tech Minimalist 