Six tips to keep online banking safe

Internet banking has been a great innovation for customers. Now with a laptop and an internet connection you can check your balance, pay bills, transfer money and a host of other things from the comfort of your own home. And, with the introduction of smartphones, Wi-Fi and 4G you can bank anytime and anywhere. 

But is online banking safe? It’s a sad fact that while banking online has become easier, the scammers and cyber-criminals have got smarter and more sophisticated. Here we’ll give you six simple ways you can keep your money in your bank account and out of the criminals’ pockets:

Tempting as it may be, don’t use the same password for differing accounts. While you might find it easier to remember, it also means that if a criminal finds your password, they now have access to all your banking. Instead, play safe and use a different password for every bank, building society and credit card provider you use.

Best of all, if you have a smartphone with fingerprint recognition, you can use this to login instead of a password to a banking app.

At the very least you should be changing your banking password every six months. Once you have changed your passwords, keep them to yourself. If you have trouble remembering a password why not try to use a short but memorable sentence instead. The securest passwords are those that have both numbers and symbols in them. 

Phishing is a popular way for cyber-criminals to attempt to trick you into revealing your security details by impersonating your bank or another larger organisation via email. Phishing emails will often say things that are designed to worry or fluster you into acting straightaway.

A common ploy is to send an email saying that your bank account has been hacked or compromised in some way, encouraging you to click on a link to secure your account. Of course, the link will simply take you to a fake site that asks you to input your security details and, as soon as you do, the criminals have a way of accessing your account.

Phishing emails range from those that are designed to look extremely realistic and convincing through to poorly laid out and written communications. Some are easy to spot, for example if it is from an institution you do not deal with, but others need you to pay careful attention to identify that they are not genuine. Here are some ideas of what to look for to identify a phishing email:

• Check the email address of the sender. Does it match with the website address of the company? If it doesn’t and for example it is from a Gmail, Hotmail or similar personal email address, then it is likely to be a fake.
• Does the email use your name or just a generic greeting like ‘Dear customer’? A real bank will ALWAYS use your proper name.
• Does the email look ‘cheap’ or badly put together? Be especially aware of any obvious spelling mistakes, such as ‘sircurity’ instead of ‘security’.
• Phishing emails will always sound urgent. The criminals count on your acting quickly and not reading the email a little more closely.
• Be careful not to call any telephone numbers on the suspect email – these are often fake as well.

If you have any concerns about an email or text you have received, then you should leave it and report it to your bank. Phishing scams come in all shapes and sizes, so it always pays to be careful when online. Never click on a link in an email or text unless you have verified it to be a proper communication.

These days Wi-Fi is everywhere. From shops and superstores to cinemas, restaurants, bars, pubs and even bus stations you can log-on to a public Wi-Fi and start to surf the net. However, these public Wi-Fi areas are nowhere near as secure as the password-protected Wi-Fi you use at home. When the password is pinned up over the bar or printed in a menu this is not a secure network. 

If possible, never use a public Wi-Fi to login to your bank via the internet or an app. It is frighteningly easy for criminals to access your details if they are logged into the same private Wi-Fi as you.

If you absolutely must use a public Wi-Fi service, then make sure you use a virtual private network (VPN), which will hide your IP address from unfriendly electronic eyes. 

Online security software should have at least a firewall and anti-virus elements to be effective. While some protection plans are free, consider spending some money to gain comprehensive electronic protection.

Paid for programmes should also scan incoming emails to filter out any containing viruses. Some even have anti-phishing features that will alert you to suspicious emails looking to trick you into disclosing your security details.

Just as with the real world, electronic viruses are constantly evolving – some are dying out, new ones are popping up and some are changing to better steal your money. Therefore, it’s important that you keep your antivirus or security software up to date. 

Many websites – especially for online banking and credit cards – are starting to introduce what’s called ‘two-factor authorisation’ (sometimes also called two-step authentication). This is designed to make your transactions even more secure by sending you a text message with a unique code every time you log-in.

This means that even if a criminal has your login details and password they will not be able to access your account, unless they also have your mobile phone too. This is also valuable to alert you instantly if someone  is trying to access your account.

Social media has become almost intrinsic in our everyday lives. Almost without thinking we broadcast:

• Pictures of ourselves
• Our birthdays
• Where we live
• Where we were born
• The names of relatives, friends and pets
• Our hobbies and pastimes
• The films, books and music we like
• Even what TV programmes we are watching…

For some people, this is the same information they use to answer their banking security questions used to identify themselves to their bank. A cyber-criminal can sit back and harvest all the important information they need in short order, simply by looking at your social media accounts.

To avoid the nightmare of having your identity stolen and your bank account cleaned out, be careful what you post:

• Restrict who can see your profile information to people you have linked to and avoid making anything ‘public’.
• Only link to people you know or limit the access you give to a casual acquaintance or a ‘friend of a friend’, if you are able.
• When it to comes to your memorable information and security questions for online banking, play safe and use info that doesn’t appear on your social media. If you must use info that others can guess in banking security questions, then deliberately reverse the words or scramble them so it is memorable to you but that a criminal won’t know.