There’s one narrative that lending industry workers know all too well: direct online loan lenders getting calls from customers claiming their bank accounts have been hacked, with thieves wiping out hundreds or thousands of dollars.
While some of these cases turn out to be fibs after further investigation, others are true as customers gladly hand over police reports to prove their ordeals. The reports often show a pattern of customers not taking strong steps to safeguard their bank accounts, making it too easy for someone with negative intentions to access their funds.
You can prevent your bank account from getting hacked by using the same level of caution to secure your bank account online as you would physical cash and other valuables in your home that you can see and touch. To protect your valuables, you certainly would ensure that your doors are locked, and you might install a sophisticated alarm system to keep intruders out. Likewise, take all the steps mentioned below to prevent access to your money in cyberspace.
Avoid birthdate-based passwords:
Let’s start by playing detective. Put yourself in a thief’s shoes by asking yourself, “How can I get access to a person’s bank account?”
You’re probably thinking about your password, right? And you should, as hackers can figure it out if it’s too weak. Not only should you change your online banking password regularly, you should also avoid choosing one that someone close to you might be able to guess. For example, don’t use a password with your date of birth at the end of the city you were born, or one with your favorite color or animal, even if you add a star or asterisk at the beginning or end. Always think of a variety of password combinations when it comes to outsmarting a thief.
Fortunately, since financial companies are generally using more advanced password scripts today, compared to say 5 to 10 years ago, people are being forced to make their passwords fairly complex. It’s common for a new customer trying to create an online loan account to see warnings like, “Your password must contain a capital letter, a number, and a special character.” These newer password scripts have forced hackers to resort to plan B, which is to get access to your bank account through phishing emails.
Beware of phishing emails:
Phishing is one of the oldest, easiest, and most effective way hackers get into your bank account, so it’s important that you know as much about it as possible to protect yourself. And just like it sounds, phishing means something fishy: someone secretly fishing for your information online. The phisher sends out fake emails, making them appear as if they’re being sent by a reputable company, often under disguised subject lines like, “Security issue regarding your account.” Depending on how much information the phisher has collected about you, they can add the name of your bank or payment processor before the word “security” and even change the generic “Dear customer” salutation to your first name. S
The phisher wants you to open these emails and sign into your bank account to see what’s wrong. As soon as you do that, they can access your account as the emails usually contain an attachment that may look like an official document but really is a trojan or spy program. The spy program automatically installs itself on your computer when you open the attachment and captures your username and password while you type them.
Other phishing emails may contain a link for you to click for “help.” In reality, you’re more likely to be hurt than helped if you click on the link. To determine if the link is legitimate, hover your mouse over the link while glancing at the status bar at the bottom-left of your screen, to see the website it will direct you to. If the site does not appear to be legitimate, exit the email. Also, always install antivirus software with Internet security add-ons to block spyware and malware. Even if you have antivirus protection, it is safest to avoid opening phishing emails.
Watch out for Smishing and Shimming scams
Smishing is similar to phishing, but instead of sending you an email, the hacker will text your phone. Again, you’ll get a message saying there is a problem with your bank account with a telephone number to call to resolve the issue. If you text back or call the number, the scammer will ask you more questions to try to get enough information to get into your account. Do not text back and do not call the number to avoid becoming a victim of this scam.
With shimming, the hacker will use a card skimmer to try to steal your debit or credit card information. The more sophisticated shimmers are thin, card-sized devices that are hard to detect when installed into an ATM. They fit between your card chip and the ATM or point-of-sale chip reader.
Even your bank-issued, chip-embedded card can be read with these new shimmers, so your best bet is to use your debit or credit card at a frequently-monitored ATM in a bank, or one in a busy place, rather than isolated ATMs with no surveillance cameras above them to deter hackers. The Better Business Bureau indicates that if your card appears to be tight in the reader slot, it could be a sign that there’s a shimming device installed. If you notice this, use another ATM.
Hackers tend to prefer shimming at gas stations since dozens of customers are using their cards at gas pump readers then quickly driving away. Usually, by the time the customer finds out their bank account has been hacked, they are miles away or they may even be in another state, which can make an investigation difficult.
What can you do to fight back? The Better Business Bureau recommends updating your card to tap-and-pay if it’s available at your bank or using tap-and-pay on your smartphone. Though not foolproof, this type of near field communication technology makes it harder for hackers to get your banking information.
Use wired connections over wireless when possible
Wireless Internet connections are generally safe when they are encrypted with a good password, so make sure you are not using the same password for your online banking, your social media and email accounts, and wireless router. You’re setting yourself up to get attacked by a hacker if the hacker figures out your router password and then get access to most or all things you log in to. If you have trouble remembering passwords and prefer to use just one or two, you might be better off using a wired Internet connection. It makes sense too because, in the case of a wireless connection, your data is not trapped in a cable but transmitted through the air like radio waves in a way that a hacker can tune into if the connection is not secure. It’s therefore very risky to access your mobile banking app on a free public Wi-Fi network. This cannot be emphasized enough as it’s like jumping into shark-infested waters unprotected. Hackers are waiting for you on free Wi-Fi systems so they can access your banking app by sending a fake bank server certificate to you in hopes that the app would accept the certificate so they can steal your account details. This type of access is called man-in-the-middle attack, so make sure your wireless connection is always secure.
Pay attention to apps you’re downloading
Mobile banking apps are safe to use since they’re issued by your bank and have the necessary security features installed to prevent illegal access. What you should be careful about is where you download your apps, banking or otherwise. Always ensure that you’re downloading your apps from the official Apple or Google Play Store. Remember, cybercriminals are always trying to create fake replicas of official apps to access your information. It’s what they do, and apparently, they’re succeeding according to an Avast survey of 40,000 consumers in 12 countries. Some 58 percent of the respondents thought a real banking app was fake. Just as shocking, more than a third, 36 percent, mistook the fraudulent app for the real thing.
The Avast survey also found that consumers are more concerned about the safety of their checking account than they are about losing a wallet or purse.
Safeguard a high balance
Your checking account balance can look really appealing to a would-be thief if you keep a lot of money in it to avoid paying monthly banking fees. Some banks entice you by promising to waive their monthly fees if you keep a daily balance of $1,500 or more in your checking account. To protect your account, make sure you ask the bank to place part of your money on hold to prevent hackers swiping your account clean if they ever get access to it. If the bank’s minimum is $1,500, ask them to hold an amount that you’re sure you won’t be spending between paychecks – say $1,200 – while you use the remaining $300.
Following these steps can go a long way in preventing your bank account from getting hacked and giving you the peace of mind you should have when it comes to your money online.
Posted in: Financial Tips
Disclaimer: This article provides general information only and does not constitute financial, legal or other professional advice. For full details, see MoneyKey's Terms of Use.