Customers frequently favor online banking due to its convenience, offering easy access to account details and transactions with just a few taps or clicks. According to a 2023 study by Chase, 87 percent of Americans utilize their banking app at least once monthly. Nevertheless, the increased reliance on these digital platforms raises the potential for cybersecurity issues.
The Federal Deposit Insurance Corp. (FDIC) has cautioned consumers about counterfeit banking websites and apps created to pilfer personal information or funds. To ensure legitimacy, the agency advises conducting thorough research on banking websites and exercising caution with apps that request suspicious permissions.
Paul Benda, a cybersecurity expert, recounts an incident when hackers attempted to breach his bank account to steal money. “They obtained my login credentials but were unable to access my password,” mentioned the senior vice president of risk and cybersecurity policy at the American Bankers Association.
Fortunately, the cyber assailants were thwarted. “I immediately contacted my bank and secured my account,” Benda remarked.
Tips to avoid getting hacked
Four cybersecurity specialists were interviewed to gather insights on the most effective methods for consumers to safeguard their banking and financial accounts.
Paul Benda, senior vice president, operational risk and cybersecurity at the American Bankers Association
- Ensure you are accessing your bank’s official website or app to avoid falling prey to hacker-designed counterfeit sites. According to Benda, it’s crucial to verify the correct website from your bank statement or the back of your bank card, bookmark it, and use that as confirmation of your financial institution’s legitimate website.
- Opt for downloading apps solely from trusted sources such as the App Store and Google Play to evade malicious software like Trojans. Benda warns about the risks associated with sideloading apps or installing from unofficial sources, emphasizing the importance of vigilance in app selection and installation.
- When uncertain about the authenticity of a text from your bank, refrain from replying. Instead, verify the message’s legitimacy by contacting your bank using the number provided on the back of your card or through the official mobile banking app, recommends Benda.
Teresa Walsh, chief intelligence officer and managing director, EMEA, at Financial Services Information Sharing and Analysis Center
- Stay vigilant about how artificial intelligence (AI) can endanger your personal data. According to Walsh, in addition to emerging threats like deepfakes, AI is now concealing traditional indicators of cyber threats. For instance, threat actors are using AI tools to rectify spelling and grammar in phishing messages, erasing the typical signs of a malicious email or text.
- Employ distinct passwords for each bank, credit card, and peer-to-peer money transfer applications. Walsh underscores that if one password is compromised, it could potentially grant cybercriminals access to all your financial information.
- Consider using longer passwords. Walsh recommends a 16-character password, which significantly expands the potential permutations of letters, rendering it difficult for criminal programs to guess. Many individuals utilize password managers to create, store, and regularly change passwords.
Donald Korinchak of CyberExperts.com:
- Enable two-factor or multifactor authentication, enhancing security by mandating two identity verification methods. According to Korinchak, authentication falls into three categories: something known (like a password), something possessed (such as a cellphone used to validate text codes), and biometric identifiers.
- Configure alerts via email, text, or your bank’s app to monitor and promptly address any fraudulent activity. In the past, customers often remained unaware of fraud until their monthly bank statements arrived, allowing fraudulent activities to persist for up to four weeks. Alerts ensure quick notification, enabling customers to address issues in collaboration with the bank swiftly.
- Leverage your device’s security features to safeguard your data. Korinchak advises setting up functions that enable tracking of stolen devices, remote disabling, and remote data wiping to enhance security measures.
Eric Kraus, vice president and head of products and services, fraud risk and compliance at FIS, a fintech company:
- Exercise caution regarding messages that might be from potential scammers. According to Kraus, it’s crucial for consumers to refrain from responding to unfamiliar messages and embedded web links. He emphasizes that banks or credit unions will not solicit sensitive information they already possess, such as account numbers. Kraus advises contacting the bank or credit union directly to verify any doubts before sharing information via text or web.
- Implement mobile payment controls and account alerts to detect suspicious activity swiftly, recommends Kraus. Monitoring not only bank accounts but also online shopping accounts and digital wallets can help identify potentially fraudulent actions in a timely manner.
- Exercise prudence when divulging personal information on social media, advises Kraus. He highlights the risks of oversharing personal details, as the more data a hacker possesses, the higher the probability of unauthorized access to your accounts.
As per the Federal Trade Commission, reported consumer losses to fraud totaled almost $9 billion in 2022, marking a 30 percent surge from the preceding year. To prevent becoming part of this statistic, it’s crucial to familiarize yourself with various cybercrimes and methods to shield against them.
“Hackers are consistently enhancing their tactics,” mentions Korinchak from CyberExperts.com. “It’s our collective responsibility to remain watchful and proactive.”