Every day we rely a little more on the internet to do essential things: we work, shop, connect with others, and even manage our money online. With this dependence comes a legitimate concern about security and privacy — especially when we’re talking about your hard-earned money. Online banking is simple and convenient; rather than spending hours in a physical bank dealing with paperwork, you can track and manage your funds with a few clicks from your smartphone.
Unfortunately, online banking makes it just as convenient for shady characters to compromise the security of your funds. Criminals don’t need to plan an elaborate heist to rob banks anymore — all they need to do is get ahold of your personal information to potentially siphon funds from your bank account. Although most banks have solid security measures in place to prevent fraudulent activity, there are some things you can also do to help keep your information safe online.
Use strong passwords and don’t let them stagnate
Passwords are a headache to memorize and manage, so many people resort to using character combinations that are easy to remember and then repeat the same password across most or all of their online accounts. The stats prove just how common this weak security strategy is. A Google study published in 2019 in conjunction with The Harris Poll found that 13% of people in the U.S. reuse the same password across all of their online accounts and 52% reuse passwords across multiple accounts.
Using that strategy with your online banking password will put you in serious jeopardy. Hackers are continually attempting to brute-force their way into online accounts, so if your password is frequently used or easy to guess, you run a higher risk of getting hacked. To be safe, you want to change your password at least every 90 days. Also, make sure you’re using a strong character combination. Here are some tips to guide you in choosing a hack-proof password (via Google):
Use longer passwords.
Create a mix of upper and lowercase letters.
Include numbers and special characters.
Do not use common password combinations, such as “1234” or “passw0rd.”
Do not use personal information, such as your name, birthday, pets’ names, etc.
Some platforms will let you know how weak or strong your chosen password is, but if you’re signing in to one that doesn’t, you can use a password checker like this one from Kaspersky to test its strength. Also, we advise that you use a password manager to, well, manage your passwords.
Don’t open suspicious email links
Never open your banking platform by tapping or clicking a link in an email even if the message looks legitimate. Some hackers send out phishing emails that look similar to the ones your bank sends in hopes that you’ll enter your login information on a fake website. To avoid becoming a victim of such phishing attacks (via ABA), always retype the genuine URL into your browser before using it. That, or you could bookmark your bank’s authenticated website so you can be sure that you’re using the right one each time.
If you ever decide to open an email link, hover over it for a brief second. Usually, you’ll get a preview of the destination URL and then will be able to decide whether it is legitimate. Also, ignore any emails that ask you for personal information like credit card details or any other sensitive information. As a general rule, banks will not ask for your details via email due to the security risks involved. If you do get an email asking for information, call your bank to verify that the request is legitimate before sharing any details.
Use two-factor authentication
Two-factor authentication — more commonly called 2FA — is a security measure that requires an extra level of verification beyond just a password. The second factor could be a unique number that you’ll receive as a one-time code via SMS, an automated phone call to confirm your account, a prompt that pops up in an authenticator app, or something similar. If you have 2FA enabled, hackers or identity thieves would have difficulty accessing your online banking platform even if your password was leaked.
In addition to helping keep your online banking details safe, two-factor authentication is a staple security measure for all your other online accounts, too. If you haven’t already, here’s why you should always enable two-factor authentication. For many of us, 2FA seems like another hoop to jump through before we can access our accounts, but the good news is that the FIDO Alliance is working on phasing out passwords for good. Some day passwords and their accompanying problems will likely be gone, but until then, you should enable 2FA to be extra safe.
Stay away from public Wi-Fi networks
It’s fairly common knowledge that public Wi-Fi is a security risk. Why? Hackers can set up Wi-Fi hotspots for users to connect to and use in order to steal any unencrypted data sent over the network. As well, some sensitive data may be discoverable on a public network being actively monitored using sniffing software (via EFF). Because of this risk, it’s best to avoid using your online banking platforms when you’re on a public Wi-Fi network.
If you don’t have any other option, make sure that you take measures to keep your data safe. For example, always check that you are browsing secure sites by looking for “https” in the site’s URL, which triggers the lock icon in your browser. Also, use a virtual private network (VPN) every time you have to connect to public Wi-Fi. VPNs use encryption protocols to scramble your data and render it unreadable when it’s sent over a public network. Without a VPN, an internet service provider — or worse, a hacker — may be able to see which websites you visit while connected to the Wi-Fi network.
Sign up for banking alerts
We all get too many pesky notifications on our smartphones every day and you may be tempted to opt out of receiving alerts from your bank as a result, but that’s not advisable. Even if you decline to receive promotional emails, you should always sign up for instant notifications about any new activity on your bank account (via Experian). Most banks allow customers to choose which alerts they want to receive, and the categories you should always sign up for include:
New credit and debit card transactions
Personal information updates
If you get an alert about suspicious activity on your account, contact your bank immediately and, if possible, temporarily freeze your account so that new transactions can’t get through. Online banking is convenient, no doubt, but it also opens you up to the risk of losing sensitive data and even money. If you haven’t already, implementing all of these tips may help ensure your banking information does not end up in the wrong hands.