13 Essential Online-Banking Security Tips
From 24/7 access to remote check deposits, there are many perks to online banking. So it's no surprise that more than 70 percent of American consumers do at least some of their banking online, according to the Federal Reserve.
With so many people going online to manage their money, however, threats have arisen. Hackers, malware and fraudsters abound, ready and eager to steal online-banking passwords and the money they protect.
But you don't have to resign yourself to a world of unsafe banking. Here are 13 online-banking security tips you can practice before signing in to your account. Each will help ensure a safe online-banking experience.
Credit: Jaap Arriens/NurPhoto via Zuma
Don't use a public Wi-Fi network
Though public Wi-Fi networks are easily accessible, you can't trust their security. These Wi-Fi networks are often not encrypted, making it easier for hackers to steal information from unsuspecting users.
To mitigate this weakness, never log in to your bank over a public network. Save any financial transactions for browsing at home, when you can use your private network. Or use the cellular-data connection provided by your smartphone or your own mobile hotspot. Alternatively, you can subscribe to a VPN service (virtual private network) that creates a secure tunnel through all Wi-Fi hotspots.
Credit: John Moore/Getty
Use only sites with https in the address
Encrypted sites, which convert data into unreadable gibberish before sending it, keep your private information safe online. Your bank's website should already be encrypted, although you can double-check by looking for a padlock symbol in your web address bar and the letters "https" at the beginning of the web address. There are also HTTPS browser extensions you can download that will automatically encrypt your web data if the website offers it.
Enable two-factor authentication
Many major banks offer an extra layer of security known as two-factor authentication (2FA) to protect account holders. Two-factor authentication requires you to enter an extra verification credential before you can access your account.
Anytime someone tries to log in to your account, the bank will send you a text or email with a unique code that must be entered into the bank's website along with your username and password. In most cases, 2FA is a free and easy security measure that helps prevent costly identity theft.
Disable automatic login
Do not allow your web browser to store private username and password information for your online banking websites. Some web browsers automatically store login credentials, so if that's the case for your browser of choice, disable this feature for your bank's website.
Credit: Tom’s Guide
Beware of email and text scams
Your bank will never email or text you to ask for your personal information or account details. If you receive an email or text message asking for that type of information, don't respond. Instead, call the bank's customer assistance line, which you'll find printed on the back of your ATM card or credit cards, and tell the bank about the message you received.
And remember: A stranger isn't going to randomly email you to let you know he or she wants to deposit thousands of dollars into your bank account if you'll just share your personal information. These are phishing scams and should be reported to your bank immediately.
Create a strong password
Create a strong password for your online bank account. It should incorporate lowercase and uppercase letters, numbers, and even symbols where allowed. Don't stop there, though; change the password regularly, and don't use that same password for any other website or app. You can use a password manager to help you securely generate, store, update and remember a unique password for your online banking account.
Access your bank via a dedicated channel
Banking Trojans are a form of malware that can be unintentionally downloaded to your computer or smartphone through an email attachment or download. Once granted access to your computer or phone by such a Trojan, cybercriminals can steal your financial information and drain your account.
There are a few things you can do to protect yourself from a banking Trojan.
● Use an old computer. If you have an old computer lying around, install a new version of Windows and then designate that computer exclusively to online banking — not for web browsing. Better yet, use a Mac or install Linux on that old PC.
● Dedicate a browser. If you can't afford to set aside a designated banking computer, use a web browser different from your regular browser, and use that browser solely for online banking purposes. Because Microsoft web browsers are a common virus target, non-Microsoft browsers — such as Google Chrome, Mozilla Firefox, Opera or Vivaldi — are generally better options.
● Restrict the app sources for Android devices. Unauthorized app stores are full of malicious apps. To make sure you can't access them, go into Settings, select Security and make sure Unknown Sources is turned off. (This isn't a problem for iPhones and iPads.)
Run antivirus software
Using an anti-malware program may seem like a no-brainer, but plenty of computers are currently unprotected. Antivirus software is an excellent safeguard for your computer. A good program will screen your emails, browsers and even pop-up ads to blockviruses, malware and drive-by downloads. Don't forget to keep the software updated to protect against new strains of viruses — or to get antivirus software for your Macs and Android devices, too.
Update your operating system
Never skip those periodic updates to install the latest edition of your operating system, even if it feels time-consuming or troublesome. These updates include valuable security upgrades that prevent infection by most known malware. Updating your operating system will generally require a restart, but most platforms make the process pretty simple and straightforward.
Use the bank's mobile app
Your bank's encrypted mobile app is probably more secure than the bank's website, as the app is less susceptible to the dangers that lurk on the web. Just don't forget to download the app updates that the bank periodically sends, which ensure your app is armed with the latest security credentials. And if you've got an Android device, make sure you never download apps from anywhere other than the Google Play Store.
Credit: Jaap Arriens/NurPhoto via Zuma
Safeguard your device
Even if you're diligent about not saving login information, online banking is still tied to physical devices. Your phone or computer could get lost or stolen, leaving your information vulnerable to any individuals who get their hands on it. Protect your device by locking access to it with a PIN, password or fingerprint. The harder it is to break into the machine, the harder it will be for a thief to access your private data.
Credit: Justin Sullivan/Getty
Turn off Bluetooth access
Have you ever heard of Bluejacking, Bluesnarfing or Bluebugging? If you haven't, you might soon. They're all terms that refer to hacking via Bluetooth. Cybercriminals simply tap into a phone or computer via Bluetooth and then take control of certain functions. To avoid this issue, turn off your Bluetooth function when you aren't actively using it.
Monitor your account
Most banks will alert you to potential fraud, but you shouldn't rely exclusively on those alerts. Practice due diligence and check your statements regularly for any suspicious activity. Contact your bank immediately if you notice any unauthorized charges.
As technology grows and develops, so do the threats — but luckily, you don't have to be a victim. By following the above steps, you can rest easy knowing you'll have a safe online-banking experience.
Credit: Tom’s Guide