When you think about making online payments, which ones would you say are the biggest threats? Perhaps the keyloggers that silently monitor your computer and steal your banking login credentials? You’d be surprised, but online retailers are the biggest source of stolen banking information. And that’s not all…
In recent years, circumventing the security systems is no longer the main strategy cybercriminals use. Instead, they put efforts into developing irresistible social engineering attacks. They use real details of their victims. And they scare them into unknowingly installing banking malware themselves. This would later compromise their online banking security in ways that antivirus software can hardly fight.
So, it becomes obvious that hackers never get tired of bypassing the most sophisticated banking systems and security features. For these reasons, there’s only one way to fight back the numerous online banking scams: education.
Simply relying on antivirus software is no longer an option. At least not when hackers find ways to make you voluntarily install their malicious software.
Ultimately, protection comes down to knowing how to recognize a potentially insecure environment for online banking transactions.
Follow our roundup of the 10 most important online banking safety tips. And you’ll be able to recognize such environments yourself, taking actionable steps for a secure bank account.
Remember, it’s not about the safest way to bank online! In regards to that, there’s still no bulletproof option out there. Instead, it’s about educating yourself on which are the safest actions and what things you should avoid in particular.
Are you ready?
1. Pick an effective antivirus solution and make the best of it
We remember what we just told you, that the antivirus software alone isn’t enough. Still, it is essential to have one. Without it, you would make the job of keyloggers and banking Trojans a lot easier.
If you think of it, the most difficult part for a hacker is to get your logins and passwords. After that, bypassing other security measures is just a matter of time. Oh, and if we have to say it, make sure that you’re not only running an effective AV, but also keep it up to date.
2. Use two-factor authentication, preferably the best there is out there
Most online banking services allow you to activate an SMS-based two-factor authentication service. And many would consider it among the online banking security best practices. The problem is, however, that hackers can relatively easy intercept SMSs.
Suffices for them to decide to exploit a security flaw in the SS7 protocol. Telecommunications companies use it despite knowing that it isn’t flawless. We got the proof in 2017, with the clients of some German banks, and even more recently, in 2019, with the clients of UK’s Metro Bank. They hijacked people’s security text messages.
Knowing that hackers can intercept your mobile messages… Can you imagine what they can do if they also have your banking logins and passwords? Suffices to say that nothing will stand in their way to hacking your bank account.
So, if you get the chance, it’s better to use a more secure option than the traditional SMS security codes. Think of a dedicated authenticator app or a hardware authenticator app like YubiKeys is.
3. Enable text alerts with your bank account
We know what you’re thinking… We just said it is not safe to rely on SMS as a second factor of authentication. As we’ve seen, hackers have ways to intercept those codes. However, not all hackers have these ways…
In real life, there are certainly many instances when someone can get your login credentials and simply try to get away with some kind of online payment.
If you have the text alerts service active (which, by the way, is different from the 2-factor authentication), your bank should notify you as per the agreed terms. The trigger could be your balance dropping to a certain amount. Or a larger transaction being made from your account.
4. Never log into an account from an email link
Whether it’s a bank or an online seller from where you frequently shop, it’s not unusual for them to send you emails periodically. Hackers know that too, which is why they often use it as a shield to all kinds of phishing attempts.
To avoid these common pitfalls, always check the communication with the said entities directly from your accounts on their websites. You don’t need to use your email to see important messages from your bank.
You can just open the secure browser, type the URL of your bank’s website, log in from there, and check the messages you have received in there.
5. Only connect from secure networks
If you don’t know what that means, here’s another way to put it: never use a public Wi-Fi network to access your bank account or to make online payments. Such networks aren’t encrypted; therefore, anyone can look at the traffic that goes through it and read all the data, your login credentials included.
6. Don’t fall for pop-ups while banking online
There’s no reason in the world why your bank’s website or mobile app would interrupt your banking session with a pop-up. Such pop-ups that show up out of the blue, when you’re in the middle of an online banking session, are most likely the work of a cybercriminal who somehow breached your connection.
You could be on a spoofed website (if you didn’t pay attention to how you’ve got on the website in the first place) or its security might have been compromised. Either way, be wary!
7. Create strong passwords and renew them frequently
Strong passwords are a must for all your online accounts, but especially for your banking information. If you’re sure that your device is well protected against any security breach, there’s still a chance that the hackers will try and guess your password with a brute force attack.
For this kind of unfortunate event, it’s best if you don’t have a dictionary word as a password. Learn more about how to create a strong password from our guide here. Equally important, discover the best password managers here.
8. Use a secure browser or the mobile app
If you need to log into your bank account, you should do it from an encrypted channel. One of them is a secure browser – the type of feature you get with a decent security suite. The other one is the mobile app for your bank.
In case you didn’t know, banks encrypt their mobile apps, which makes this option more secure than simply using a web browser when you’re on your mobile. As always, to benefit from the highest security available, you should make sure that you’re running on the latest security certificates.
9. Only pay on websites with https in their URL
We’ve talked about it before, in this comprehensive SSL guide for beginners. The https from a website’s URL is a sign that you’re on an encrypted website. This makes the data you send unreadable to anyone intercepting it, thus keeping your payment information safe.
The bank’s website should be encrypted and you should be accessing it from a secure browser, you know that, right? But if you’re just looking to order something online and you’re asked to make a payment on the seller’s website, make sure it has the https before you consent to share any kind of information with it!
10. Lock your devices with the strongest security functions
This one should protect you if an unauthorized person would suddenly get your device. It’s a no brainer that you shouldn’t have any automatic login enabled. But since you know that there are ways to see login credentials on a device that stores such information, you should make it harder for anyone to get their hands on your device. If you have biometric login options, don’t settle for a 4-digit PIN!
The online banking malware of the 21st century is sophisticated, customized, and numerous. All these are only making it much harder than ever to stay safe. Especially in a world where shopping online is more tempting than ever.
Can you still do your job fast and secure, over the web, while staying away from the constantly growing perils? Of course, you can, as long as you keep your virtual pockets closed and always have in mind our suggestions from above. Better to be safe than sorry, isn’t that right?
If we were to sum it up, all you need to do to pay online safely is to:
- Have a malware-free device from where you make your online transactions;
- Only connect to a secure network;
- Only rely on an encrypted connection;
- Always be sure that you’re accessing the genuine website of the desired shop or bank, not a spoofed one.
Aside from following these effective security measures, make yourself a habit of monitoring your account. It doesn’t have to be a serious hit… Sometimes, hackers try to get away by removing small amounts of money from lots of different accounts.
They hope that the owner won’t notice the absence of such a small amount while they are piling up a consistent reward. But if you do monitor your account, like once a week, you should notice any suspicious transaction. If you do, you know the rule. Contact your bank as soon as possible and have them investigate the unauthorized charge.
Are you starting to feel that all this process of thoughts on how to keep your information safe online is getting much too complicated? Consider a dedicated solution that will automatically handle it all. Think of Kaspersky’s Safe Money that comes with their Internet Security suite or the Kaspersky PURE, or the Bitdefender’s SafePay, or anything else that your favorite antivirus developer has to offer.
If you don’t want them to hack your bank account and get away with it… Never stop learning how to protect yourself, while putting all that theory into practice.