More Americans than ever are banking online. Consider the rise of mobile transactions: According to a 2016 report by the Federal Reserve, 53% of all smartphone users with bank accounts used mobile banking in the last year.
Online banking is certainly convenient and, for the most part, secure. But at the same time, it presents a new avenue for cybercriminals to infiltrate personal bank accounts and pilfer money from them.
This growing threat has made it imperative for banking customers to follow some key safety precautions to protect their online accounts. Whether you're using a phone, laptop, or work computer to transact, here are some of the biggest threats to your account and information on how to guard against them.
One of the newest tricks by cybercriminals targeting mobile banking customers is “smishing,” or phishing via SMS. With smishing, a bank customer can receive a dubious text message from somebody claiming to be a bank representative. It may ask the user to call a phone number where they are asked for personal bank account information.
In one instance, a NatWest bank account was hacked when an attacker blocked a user's phone from use, took control of it, and accessed a bank account through the phone.
Similarly, vishing, or VoIP (“voice over IP,” or internet calls) phishing is where attackers use VoIP technology to siphon a target's personal information. The attacker usually notifies the victim that suspicious activity has taken place on a bank account or other financial account and says the account information needs to be validated. Passwords and other account information are retrieved and the attack begins.
What to do: If you receive a text message or VoIP call with a phone number asking you to call your bank, don't call the number. Instead, call the number listed on your bank statement to verify the message.
Malware has long been one of the most dangerous forms of cyberattacks. It infiltrates your computer — and now your phone — without your knowledge, then allows cybercriminals to, among other things, track your banking transactions. For example, a recently discovered Android malware was found to be stealing users' banking credentials directly from their phones. Check out this list of the most dangerous financial malware to learn just how widespread and dangerous financial malware is.
What to do: Avoid small hosted websites with community forums, including computer game sites. Always keep your anti-virus programs updated.
While many people assume apps found on the iPhone or Android store are safe, some aren't. A study by RiskIQ found that more than 40,000 of the 350,000 apps that reference banking in the world's top 90 app stores contain malware or suspicious binaries.
What to do: Download your banking app directly from your bank's website.
Using a computer at work or an internet cafe to access your bank account puts your account at risk. But even using your own computer or phone for online banking can be risky if you're accessing the site through a public Wi-Fi network.
What to do: Don't perform online banking when you're connected to public Wi-Fi networks. Instead, wait until you get home to your private network. Using an outside network with a password is safer, but not completely safe.
Your online banking password is a key gateway to your account. However, a study of passwords required to access accounts at 15 banks found that 35% had significant weaknesses in their password policies, according to University of New Haven Cyber Forensic Research and Education Group.
What to do: Be sure you have a strong password that's not written down anywhere. A strong password can include a combination of uppercase and lowercase letters, numbers, and special characters. Also, don't save your banking passwords on your computer.
Protecting your bank accounts is crucial so you can never be too careful. Start with the simplest and most affordable tools available. To learn more, visit our security, privacy, and fraud-prevention page for more tips on how to stay safe online.
Disclaimer: Views expressed in this article and the third party links contained herein may not necessarily reflect those of Citizens Bank. Citizens Bank does not guarantee the accuracy of the information contained on the third party websites linked to in this article, nor do we endorse the products or services mentioned or provided on said third party websites. The information contained herein is for informational purposes only as a service to the public, and is not legal advice or a substitute for legal counsel, nor does it constitute advertising or a solicitation. You should do your own research and/or contact your own legal or tax advisor for assistance with questions you may have on the information contained herein.