Is online banking safe?
Online banking has risks, but you can take simple steps to safeguard your money and your identity.
This post comes from Rob Berger at partner blog The Dough Roller.
My guess is, you bank online, too. In fact, a 2012 comScore report revealed that close to 29% of all Internet users worldwide have accessed online banking sites. This represents roughly 423.5 million people. That number is higher in North America, where more than 45% of Internet users accessed bank websites.
With increased usage, however, online banking is becoming an increasingly attractive target for hackers.
In 2011, Citigroup revealed that more than 360,000 accounts were compromised in a hacking attack that left 3,400 accounts suffering losses of up to $2.7 million. In September, Reuters reported that Iranian hackers had been targeting Citigroup, Bank of America and JPMorgan Chase with "denial of service" campaigns, making it difficult for customers to access their accounts.
More recently, CNET reported on a McAfee Labs warning about a plan by hackers to target 30 U.S. banks in the spring of 2013 and steal money from accounts. The plan has been called Project Blitzkrieg.
Such attacks raise concerns for me, not the least of which is the safety and security of our online banking transactions. Should you pay your bills online? Should you check your balance from your bank's website? Should you transfer funds online?
For me, the answer to al those questions is yes. Here's why.
Online banking is safe for consumers
Banking websites are likely hit by hacking attacks every single day. While that may be unsettling to hear, there is a silver lining. As a result of those attacks, banks continually improve their systems to effectively deal with such attacks.
In addition, even if hackers are able to steal money from your account, you will still be protected, as banks are liable for those stolen funds. (Take note that this does not apply to institutional depositors. If your bank account is under your business name, you are not covered by this protection.)
This doesn't mean that you should be complacent, though. Online banking is safe, but you should also exercise caution when banking online. There are best practices you should observe when you use any online banking service.
First, you should understand the risks of online banking. Four types of attacks are common:
- Phishing. This involves you clicking a fake link to a page that looks like it was set up by your bank. The page will have a login area where you enter your account details, and those details are sent to the scammers. With your login details -- user name, password and personal identification number -- in hand, they would be able to access your account and steal your money.
- Identity theft. Even if hackers don't steal from your account, it can be compromised by identity theft. ID thieves can capture your personal information, such as your Social Security number, and other identifying data. That data could be used to create new accounts in your name or hack into your other accounts.
- Keylogging. If you access your online banking site on public networks, such as Internet cafes or public Wi-Fi, there is a chance that you could fall prey to keylogging. Keylogging uses software that records your keystrokes to get your account details.
- Pharming. This might be a little more difficult for hackers to carry out, but it does happen. Pharming occurs when hackers are able to hijack a bank's URL so that when you try to access your bank's website, you get redirected to a bogus site that looks like the real thing.
How do you deal with all these risks?
Confirm your online bank's legitimacy. The Federal Deposit Insurance Corp. has a tool that lets your search for banks whose deposits it insures.
Be very careful with copycat websites. Be sure you do not fall prey to sites that use a name that is very similar to that of your online bank -- for example, BankofAnerica.com or Citigrop.com. When you receive an email purporting to be from your bank, don't click any links in the email. Instead, type in the URL of your bank in the address field of your browser, then log in when the site comes up. If your bank is really trying to contact you, you'll likely find a message when you access your account. You can also call the number on the back of your debit card or on your latest bank statement.
Learn more about your bank's security system. You should know how your bank encrypts your private information. When you are accessing the website, you should find a small lock or key icon to tell you that the site and your transactions are secure. You should be able to use PINs and passwords when you access your account online.
Finally, do not send personal information over email. Under no circumstances would your bank ask for personal data via email.
Protect your computer. Hacking attacks are not always directed at banks. Because many such attacks are directed at customers, you should have the latest virus and malware scanning software installed on your computer. You should also ensure that all the software you use on your computer has the latest security updates.
In addition, you shouldn't get lazy when it comes to online banking. Some banking websites have an option that offers to "remember your computer." Choosing this option would allow you to bypass some security questions if the bank's system recognizes your IP address. The problem is that hackers can spoof your IP address and make your bank think that the hacker's computer is really yours.
Do not enable this feature. Yes, you will end up answering more security questions, but it is also more secure.
Take reasonable cautions with everything you do. Do not click links on emails, do not talk to strangers, do not download anything from people you do not trust, and look both ways before crossing the street.
Let's be careful out there.
More from The Dough Roller and MSN Money:
- Bonds vs. stocks: Which is riskier?
- How to max out your retirement savings
- A 12-month plan to revitalize your finances
- 4 ways ID theft affects your credit
- 5 ways to avoid credit card rip-offs
- 10 worst government data breaches
Copyright © 2013 Microsoft. All rights reserved.
Quotes are real-time for NASDAQ, NYSE and AMEX. See delay times for other exchanges.
Fundamental company data and historical chart data provided by Thomson Reuters (click for restrictions). Real-time quotes provided by BATS Exchange. Real-time index quotes and delayed quotes supplied by Interactive Data Real-Time Services. Fund summary, fund performance and dividend data provided by Morningstar Inc. Analyst recommendations provided by Zacks Investment Research. StockScouter data provided by Verus Analytics. IPO data provided by Hoover's Inc. Index membership data provided by SIX Financial Information.
ABOUT SMART SPENDING
LATEST BLOG POSTS
A new federal safety report shows toddlers and minority children make up a disproportionate number of drowning victims.