How to Prevent Personal Online Banking Fraud
Online banking fraud—the stealing of your personal information through the internet—is an increasingly common issue that banking customers face. And if it happens to you, it can be quite an ordeal to recover from. In fact, the average consumer that falls victim to online identity theft loses over $1000, and many lose far more. Fortunately, there are a number of fairly easy steps that you can take to protect your sensitive information, identity, and online financial accounts from theft. We’ll discuss some of the simplest and most effective ways in this post.
But first, let’s start by defining a few terms important to any discussion about protecting yourself online.
- Phishing – As defined by Phishing.org, “Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.
- Smishing – Smishing is the same as phishing, except using SMS (text) messages instead of email, to achieve the same goals.
- Website spoofing – As Webopedia explains, "“"Website spoofing refers to fraudulent websites that masquerade as legitimate sites by copying the design of the website as well as in some cases utilizing a URL similar to the real site.
- Wireless network (WiFi) – Also known as 802.11, Wi-Fi is a networking technology that lets you connect to the internet wirelessly (i.e., without using cables). Because signals are broadcast openly, they can be more susceptible to hacking.
- Malware – According to Cisco, malware, a contraction of “malicious software,” is “intrusive software that is designed to damage and destroy computers and computer systems.” Malware includes viruses, spyware, adware, and ransomware.
Now that you know a few basic technical terms, let’s discuss how you can protect yourself from online banking fraud. Keep reading to learn about the key ways you can keep your accounts (and identity!) secure from hackers and digital scammers.
Use A Secure Network
If you are reading this article on a computer or phone, chances are you are using a WiFi network. The same networks that connect you to the internet can, unfortunately, leave you wide open to hackers. So how do you protect yourself?
One way to safeguard your sensitive personal and financial data is to avoid using public WiFi networks. As Consumer Reports writes, ”Security experts have long advised people to avoid using public WiFi networks because of the risk of being hacked,” and using public wifi can also leave your devices vulnerable to malware. For your safety, only use private networks that are password protected. So you may want to think twice before using the free wifi network at your local coffee shop.
Additionally, keep your home network secure. For the same reasons that you want to avoid using public networks, you’ll want to be sure that your own wifi is secure. You can do this by:
- Using a password to protect your network
- Running software updates on your wireless router to ensure it has the latest security features
- Purchasing new wireless routers every few years (five is a good number) to stay up-to-date with technology
- Changing your DNS server
A quick note on this last security measure: A Domain Name System (DNS) server acts as a translator between the numerical ID of a website and the address we see in our browser bar. As PCMag explains in their article “How and Why to Change Your DNS Server,” the DNS servers used by internet service providers are often not very robust—they can be quite slow, and leave your device vulnerable to websites that can gather your data. Changing yours is easier than it sounds; check out the article above to learn more about how to do it, as well as some suggestions for which DNS servers to use instead.
Protect Your Devices
Your devices are your link to the outside world, but they can connect you to more than just friends, family, and legitimate businesses. Follow these tips to keep your devices—and yourself—safe from hackers and malware:
- Never leave your phone unlocked. Use passcodes (not your birthday!) in combination with facial and fingerprint ID, as well as automatic locking after so much time not being used.
- Practice caution with apps. Only install apps from trusted developers and uninstall any apps you no longer use.
- Keep your apps updated. Especially ones that contain sensitive information, always say “yes” to those security updates. Technology is constantly changing, and even a slightly outdated app can leave you vulnerable.
- Keep your operating system up-to-date. As important as it is to keep your apps current, never say “no” to those official security updates for your operating system, which can happen as often as once a week. If your device is no longer supported by upgrades (i.e., it’s old), you need to upgrade to something newer. While most supported devices will upgrade automatically, here are some useful links for computers:
- Be extra careful with emails. Don’t download anything from an email (or an email link) unless you are absolutely sure who sent it. Most companies will never send you any files to download via email, so if you get an email with a file attached from a purported legitimate organization, assume it’s a fraudulent email that is designed to infect your computer with malware. We’ll talk about other email scams below.
- Register with the National Do Not Call Registry. Visit their website to opt out of receiving telemarketing calls, which has the upshot of helping you identify fraudulent calls
Protect Your Online Accounts
Keeping your own activity, internet, and devices safe will help protect your online accounts. However, it is still possible that something could go wrong, from company data breaches to password cracking. While many financial institutions, including Drummond Community Bank, will notify you if they see suspicious activity on your account, it’s important that you also keep an eye out, to catch any illegal transactions before things go too far. Here are three things you can do to be vigilant against fraud and identity theft:
- Check your monthly statements and report suspicious charges to Drummond, your credit card company, or other financial institutions
- Set up text message alerts for debit and credit card purchases
- Get your free credit report each year and check it for discrepancies including new accounts that you didn’t open
Additionally, practice these safe habits to make it harder for hackers to access your accounts:
- Use strong passwords: Be sure to include numbers and special characters and don’t use easy to guess things like birthdays or names. Also, don’t use the same password for more than one account. Keep in mind that your email account, which is often used to reset passwords for other accounts, is one of the most important accounts to keep secure. It’s also a good idea to change your password every few months at regular intervals. For more information, check out Harvard’s guide.
- Using two-factor authentication: Two-factor or Two-step authentication usually requires you to enter an authentication code that you receive on a trusted device that is registered to you, like your cell phone. By enabling two-factor authentication when possible, hackers won’t be able to access your account without also having access to your phone (which, of course, is locked!).
- Use a password management tool. This will enable you to store many, complex passwords, without having to write them all down or remember them. Many password managers, including those offered by Google and Apple, can even work across devices.
- Don’t store credit card information in online stores. Instead, use a secure ewallet or mobile wallet to automatically fill in your payment information.
- Only shop on websites you trust. If you enter your credit card information on a bogus website, you are giving scammers the key to your account. Stick to well-known companies that you know and trust.
Check out our guide to Personal Online Protection for more great tips!
Be Aware of Different Types of Scams
Of course, online thieves don’t have to hack your account if you simply give up your login information, or send them money directly. That’s why it’s important to be aware of the different, creative ways scammers trick individuals, so that you can spot a scam before you fall for it. The Consumer Financial Protection Bureau offers this extremely useful roundup of common scams. Here are some top ones to look out for:
- Charity scams: Scammers will call or email you, impersonating a charity, to ask for donations.
- Debt collection scams: Scammers will pretend to be a government agency or institution, requesting you to send payment for a supposed debt. (Remember: the IRS will never call you!).
- Grandparent scams: Scammers will pretend to be a grandchild in need, requesting account access or money to pay for an emergency. This is a prime example of elder financial abuse.
- Romance scams: Scammers will pretend to be someone interested in a romantic relationship, convincing unsuspecting victims to send them money or gifts.
Lastly, a large portion of online scamming happens through email or text message, in a practice called “phishing” (or “smishing”). In this kind of scam, hackers will send emails that can look like they are from legitimate companies, often with links to imposter websites (website spoofing). They will either ask you to give up your personal and account information or directly ask you for money. Unless you are sure the sender is legitimate, don’t give up your personal information through email, text messages, or links you receive from these forms of communication.
Only open emails from trusted sources and block emails from others, unsubscribe from email lists that you don’t use, and avoid clicking on links from emails—instead, type addresses directly into the search bar or contact the company directly
by phone. Here are more tips on how to spot phishing scams:
- Emails or linked websites containing spelling and grammar issues.
- Sender or website requests passwords and other account information. Legitimate businesses and institutions will never ask for your sensitive information—if you are a customer already, they have it!
- Email addresses do not match the name of the company or contain odd characteristics—for instance, an email from PayPal received from a non-PayPal address, or one where the word PayPal is spelled incorrectly.
- Email is from a government entity—while the government does conduct some business through email, official notices will come in the mail.
What to Do if You Think You’re a Victim of Online Banking Fraud
Drummond Community Bank takes seriously the security of your online bank accounts and related sensitive information. If you suspect any fraudulent activity on your account, contact us by calling or by visiting a nearby branch.
Additionally, if you suspect that you or someone you know has fallen victim to financial exploitation, call Drummond Community Bank or their financial institution, and use these resources by the Consumer Financial Protection Bureau to help you navigate the reporting process.