Stay Safe When Banking Online: Top 5 Cybersecurity
The number of Americans who bank online has hit a new high every year for the past five years, growing from approximately 196 million in 2020 to 203 million in 2021. 78% of Americans now prefer to bank digitally rather than in person. Its clear that online banking is here to stay as more and more people take advantage of its ease.
Unfortunately, as we know all too well, fraudsters are opportunistic. The growth in online banking has attracted the attention of criminals who are trying to take advantage of the trend. Law enforcement officials have seen a surge in bank account-related crime, including attempts to target consumers using laptop computers or mobile devices to pay bills, check account balances or transfer funds. The FTC’s Consumer Sentinel Network received more than 2.7 million reports of fraud in 2021, including over 195,000 cases of bank fraud. That’s a staggering 70% increase from the previous year.
October is National Cybersecurity Awareness Month, a nationwide effort to raise awareness about online security and empower everyone to protect themselves against cybercrime.
In honor of National Cybersecurity Awareness Month, here are our top five tips on how to protect your account from the most common online banking scams:
1. Watch out for phishing via text message, email or phone.
This is the most popular form of cybercrime targeting consumers. Scammers use text or email messages that seem to come from the bank to trick people into giving up account passwords, Social Security numbers, account information and more.
Often these messages invite you to click on a link where you’re asked to type in personal information or log into your account.
Be aware that legitimate messages originating from your bank will never ask you to provide identifying information or your password. Also, watch for spoofed sites: these may closely resemble your bank’s website, but instead have a slightly misspelled site address.
Do not click on links or open attachments in emails claiming to be from your bank. Instead, navigate directly to the online login portal for your bank account if you’re accessing it from a web browser.
Be on the lookout for phone calls from spoofed phone numbers that seem to come from the bank. In one scam that’s been observed recently, consumers will receive a text message asking them to verify that they’ve recently made a large purchase. When they respond with a “no,” they then get a call from an 800 number that shows up in caller id as if it’s the bank.
Remember, your bank will never call you to verify your account number. If you’re ever in doubt that the caller is legitimate, just hang up and call the bank directly at a number you trust.
2. Keep your home computer free of keylogging malware.
Keyloggers are a kind of malicious software that can secretly install itself on your computer and record sensitive information like bank account numbers and passwords as you type it in. You can download this malware by accidentally clicking on a link in a phishing email, or your computer may become infected while you’re browsing what you think is a legitimate website.
Steps you can take to keep your computer and mobile devices free of malware include keeping their operating systems up to date. Don’t delay installing system software updates, since newer software has the latest security features.
Only download apps from reliable places, like the official Google Play Store and Apple Store. And maintain reliable antivirus software on all your devices. This will detect known malware and prevent it from running on your computer.
3. Don’t access your bank account through unsecured public WiFi networks.
Simply connecting to a public WiFi network can be enough for applications on your device to go online and update themselves. This means that even without accessing your bank account or financial information, you might be sending out unencrypted personal information that thieves can harvest.
If you’re connecting to secure sites (look for https:// in the browser’s address bar, or a lock icon), your information will be encrypted before it’s sent over the WiFi network. However, if a bad actor has compromised the network by installing traffic hijacking software on the WiFi router, they can instead send you to a fake “secure” site, where they’ll be able to steal your login credentials or other information.
Use cellular networks rather than WiFi whenever you need to conduct online banking business away from home.
Don’t set your laptop or phone to connect automatically when it finds available networks. Instead, only connect when you absolutely need to, and be cautious about what you’re doing online on public WiFi.
4. Use strong passwords that can’t be cracked by guessing them, employing dictionary-based automated tools or making brute-force attempts.
Criminals have treasure troves of stolen passwords available on the Dark Web. They’re constantly trying these at a range of banks to see if someone has re-used them.
They can also use stolen access to popular financial management apps as a way of getting around multi-factor authentication.
Be sure to select a strong password (the longer the better, since longer passwords require more permutations to guess) and change it regularly.
5. Enable multi-factor authentication whenever possible.
Multi-factor authentication is when people seeking access to their accounts are asked to prove their identity in more than one way. Often this means entering a code or one-time password (OTP) that they’ve sent via text message.
By ensuring that would-be fraudsters have to verify their identity a second way every time they attempt to log into your account, you make it much harder to compromise.
To protect yourself and your bank account against fraud, awareness is key. Check your Old National balances and account activity often by enrolling in digital banking. Immediately report anything that seems amiss by calling Client Care at 800-731-2265 to report suspected fraud. They'll help you close the account and open a new one. You can also set up controls and alerts that will notify you anytime a large purchase is made, or anytime a certain category of purchase is made. Here at Old National, we also offer automated fraud monitoring. If we see something suspicious, we’ll let you know right away.
Working together, we can help to protect you and your accounts against today’s most common types of fraud.
Chris Perreira is Vice President, Information Security Operations Manager. Chris is responsible for overseeing the Banks information security operations to maintain client and employee cyber safety and security.