Online banking dangers and how to avoid them: Internet Scambusters #586
The more popular online banking has become, the harder scammers try to get their hands on our account info.
In this week's issue, we have 10 great tips to keep the crooks at bay.
But first you need to be sure that you're dealing with a legitimate, properly secured bank and where to go to get more information.
Let's get started...
10 Tips for Safer Online Banking
Is online banking safe? It's a question everyone asks when weighing the convenience of managing all their financial transactions on the Internet against the risk of their accounts being hacked or illegally accessed using identity theft.
It depends, in fact, mostly on you and what you do to protect your information, monitor your accounts and resist the convincing tales that scammers and other crooks spin to get their hands on your cash.
As we reported way back in one of our early issues, Is Your Bank Account Safe?, around 2 million people a year have money stolen from their bank accounts, losing an average $1,200.
And that was then. In the years since, many more people have switched to online banking, so we can reasonably assume the numbers have grown significantly since then.
Of course, a lot of bank fraud has nothing to do with being online. It comes down simply to crooks getting hold of account and debit card details and then siphoning off their victims' cash.
But this week we want to focus specifically on the risks you face by actually conducting your bank activities over the Internet.
We covered a lot of tips in that earlier report, like:
- Regularly logging into your account to monitor your balances and payments.
- Not doing your online banking in public areas or using public networks, where your details could be accessed and stolen.
- Avoiding clicking on supposed links to your bank in an email.The email could be a fake disguised to look genuine; clicking links could lead to a spoof bank site phishing for your sign-on details.
- Checking the site is secure by looking for the "https" at the start of the website address. It's the "s" that's important. It stands for "secure."
- Changing your password regularly, and using up-to-date antivirus software. If you don't, you could end up with malware that captures passwords when you key them in.
That's a pretty comprehensive list that should go a long way towards keeping you safe.
But these days, it may not be enough. Crooks have become more sophisticated and computer technologies have changed, so law enforcement and financial protection organizations have added more recommendations to bolster your online banking defenses.
More Tips
Here are another five to add to our list:
- If you use a mobile device for your banking, make sure it's properly protected against physical theft.If you have accounts that are set up for automatic login when you access your account, a thief who gets hold of your mobile can do the same.Password protect your device, so thieves can't access it at all. How you do that depends on the device -- laptop, tablet, cell phone -- and the operating system, so you'll need to do your research on this.
- Better yet, don't allow your device or browsers to store passwords for sensitive accounts.Or use a password manager that requires an additional master password for certain accounts.There are lots of these products. Ones we have used here at Scambusters include Last Pass (free), KeePass (free) and RoboForm (paid-for and free versions).These will also help you generate difficult to guess passwords.
- Always log out after using your online account.If you don't, a crook, who might even be a burglar in your house, might be able to access it.These days, most online bank services will log you out automatically after a short period of inactivity. But, just to be sure, don't count on it.
- See if your bank offers extra security through what is known as "two factor authentication."Without going into all the details, this involves two steps to verify the identity of someone trying to access a site, computer or network. For example, in addition to the first step of logging into your account via your user name, password, site key, etc., you'd also need a second step such as receiving a text message with a unique number that you enter each time you try to access your account.More and more banks are offering this service or other additional security codes and passwords to make it tougher for crooks to crack.To learn more about two factor authentication, see Wikipedia's entry on Two-Step Verification.
- Arrange balance and transaction notifications.
Most banks will now send you regular emails, either at daily or other intervals you specify, or when there's any movement in your account.
What About Your Bank?
All of this is fine, of course, but it's based on the assumption that you're working with a genuine, properly constituted bank.
That may not necessarily be the case.
Just as crooks set up phony online stores, they're also perfectly capable of establishing what seem to be rogue banking sites that look real.
So, if you're just starting out with online banking, the US Federal Deposit Insurance Corporation (FDIC) recommends that you read the "About Us" section on a bank website, looking for its history, its official name and HQ address, and its FDIC insurance coverage to ensure your funds are properly protected.
It should carry the FDIC logo but, of course, that can easily be forged.
You can also visit the FDIC's BankFind Home site and search on the name of the bank to ensure it's listed.
Just because a bank isn't registered with the FDIC doesn't mean it's a scam. But it would be unusual enough to set alarm bells ringing. Or it could be an overseas bank that doesn't have FDIC protection for your funds if it goes bust.
Either way, you should be wary. If the bank isn't on the list, contact the FDIC toll free at 1-877-275-3342.
Finally, one golden rule, whether you bank online or offline: Never provide account details in response to messages, including SMS texts, emails or pop-ups.
You may be told your account is frozen, systems are being upgraded or all sorts of stories calculated to convince you to disclose the information.
But banks don't work that way and nor should you.
Now you're set for safer online banking -- but don't let your guard down!
Time to conclude for today -- have a great week!