FDIC outlines basic rules for account protection and online banking: Internet Scambusters #668
More than half of all Americans use online banking -- but all of us are at risk of theft of our confidential account information.
Now the Federal Deposit Insurance Corporation (FDIC) has issued a set of basic guidelines on how to ensure crooks don't get their hands on your bank cash.
We have their checklist for you this week, along with a phishing warning for customers of one of the big cellular phone networks.
Let's get started...
7 Tips for Safer Online Banking and Account Security
It's fast, it's incredibly convenient but is online banking safe?
As usual, it depends. That is, it depends on you and how you safeguard your privacy.
Considerably more than half of all Americans use their PCs, Macs, and mobile devices to transact business with their banks.
But, as we all know, we're not the only ones who want to use our bank accounts. Hackers and scammers will also use them if they can only get their hands on our account details.
And even if you don't bank online, the information you store on your computer or mobile device can still open the door to the fraudsters.
Mostly, we tend to think of credit card fraud as being the main target for financial fraudsters but non-card fraud costs financial institutions and their customers more than $5 billion a year.
As the financial website bankrate.com recently put it: "If it's got money in it, someone is trying to steal it."
That's a good way of thinking about your bank account, whether you handle it online or not.
Now, the Federal Deposit Insurance Corporation (FDIC) has issued a list of computer security tips for bank customers.
The FDIC, which we mostly think of as the organization that insures our deposit accounts against bank failure, says: "While federally insured financial institutions are required to have vigorous information security programs to safeguard financial data, consumers also need to know how to protect and maintain their computer systems so they can steer clear of fraudsters."
In fact, just a handful of basic computer/mobile security practices will go a long way towards keeping your account out of harm's reach.
Here are 7 key actions built around the FDIC's own checklist:
1. Protect your computer with security software including anti-virus and a firewall. These days, security software is built into most computer operating systems like Windows but not smartphones -- and some smartphones and tablets (i.e. Android devices) are more vulnerable than others (i.e. iPhones and iPads). Invest some time in researching which is the best security software -- free or paid for -- for your device(s).
2. Safeguard your mobile device, especially when using it for banking or shopping. Use apps that come from official device stores, cellular providers or the official site of your bank.
Keep security and banking software up to date and don't leave your device unattended.
"In case your device does get lost or stolen, use a password or other security feature to restrict access," says the FDIC.
"You should enable the time-out or auto-lock feature on your mobile device to secure it when it's not used for a period of time."
3. Get to know and understand your Internet safety features according to the sites you use. Does your bank and other sites where you use sensitive information scramble or encrypt data when it moves between your device and the website? Do you see the padlock icon and "https" that indicate secure access in your browser address bar?
4. Be careful about where and how you connect to the Internet. Public or other computers that aren't yours may not have up-to-date security. And don't use public Wi-Fi for banking and other secure transactions in case someone is "watching" or recording your activity.
5. Be extremely wary about clicking on links or attachments in unsolicited emails, even from people you know (whose own devices may have been compromised). They could download malware that steals your banking information.
"Your best bet is to ignore any unsolicited request for immediate action or personal information, no matter how genuine it looks," says Michael Benardo, Manager of the FDIC's Cyber Fraud and Financial Crimes Section.
"If you decide to validate the request by contacting the party that it is supposedly from, use a phone number or email address that you have used before or otherwise know to be correct. Don't rely on the one provided in the email."
6. Use strong IDs and passwords and keep them secret. We've written on this subject so many times. For example:
Yet, despite all the advice from us and many others, people still use easy-to-guess passwords, fail to update them or use the same password on multiple sites -- all highly dangerous behaviors.
7. Play it safe on social networking sites. Crooks scour sites like Facebook and Twitter for innocently-provided information like birth dates, addresses, and pets' names (often misguidedly used as passwords).
People you don't know, or imposters posing as someone you do know, may try to "friend" you and eventually persuade you to hand over confidential information or even money.
The FDIC has also produced an online video on how to guard against Internet thieves and electronic scams: Don't Be an On-line Victim: How to Guard Against Internet Thieves and Electronic Scams.
And, of course, there are many other useful sources of information about online banking security.
Don't forget though, that new hack attacks and banking fraud schemes are happening all the time. Make sure you read Scambusters to stay up-to-date.
Alert of the Week
Watch out, T-Mobile phone subscribers, for a text offering a $20 discount on your next bill.
The message, which appears to come from the cellular provider, has a link that leads to a bogus sign-on page that will steal your credentials -- and you won't get that $20 discount.
If you're a T-Mobile customer, log on independently to your own "My T-Mobile" page for details of any genuine offers.
That's all for today -- we'll see you next week.