Six tips to keep online banking safe | will never contact you by phone to sell you any financial product. Any calls like this are not from Moneyfacts. Emails sent by will always be from Be Scamsmart.

Michael Brown

Content Writer
Published: 28/03/2019

At a glance

  • Use different passwords for different sites.
  • Change your passwords regularly and make them difficult to crack.
  • Avoid using names, birthdays and other personal details that might be visible on social media.

Guide contents

Internet banking has been a great innovation for customers. Now with a laptop and an internet connection you can check your balance, pay bills, transfer money and a host of other things from the comfort of your own home. And, with the introduction of smartphones, Wi-Fi and 4G you can bank anytime and anywhere… but is online banking safe?

It’s a sad fact that while banking online has become easier, the scammers and cyber-criminals have got smarter and more sophisticated. Here we’ll give you six simple ways you can keep your money in your bank account and out of the criminals’ pockets:

1. Never use the same password for different accounts

Tempting as it may be, don’t use the same password for differing accounts. While you might find it easier to remember, it also means that if a criminal finds out (or guesses) your password, they now have access to all your banking. Instead, play safe and use a different password for every bank, building society and credit card provider you use.

Best of all, if you have a smartphone with fingerprint recognition, you can use this to login instead of a password to a banking app.

2. Update passwords regularly and keep them secret!

At the very least you should be changing your banking password every six months. Once you have changed your passwords, keep them to yourself – never write your passwords down. If you have trouble remembering a password why not try to use a short but memorable sentence instead. The securest passwords are those that have both numbers and symbols in them. So, a good memorable password might be: Rugbyteamshave15playerseach!

3. Beware scammers on phishing trips

What is phishing?

Phishing is a popular way for cyber-criminals to attempt to trick you into revealing your security details by impersonating your bank or another larger organisation via email. Phishing emails will often say things that are designed to worry or fluster you into acting straightaway.

A common ploy is to send an email saying that your bank account has been hacked or compromised in some way, encouraging you to click on a link to secure your account. Of course, the link will simply take you to a fake site that asks you to input your security details and, as soon as you do, the criminals have a way of accessing your account.

Is it easy to spot a phishing email?

Phishing emails range from those that are designed to look extremely realistic and convincing through to poorly laid out and written communications. Some are easy to spot, for example if it is from an institution you do not deal with, but others need you to pay careful attention to identify that they are not genuine. Here are some ideas of what to look for to identify a phishing email:

Check the email address of the sender. Does it match with the website address of the company it’s meant to be from? If it doesn’t and for example it is from a Gmail, Hotmail or similar personal email address, then it is likely to be a fake.
Does the email use your name or just a generic greeting like ‘Dear customer’? A real bank will ALWAYS use your proper name.
Does the email look ‘cheap’ or badly put together? Be especially aware of any obvious spelling mistakes, such as ‘sircurity’ instead of ‘security’.
Phishing emails will always sound urgent. The criminals count on your acting quickly and not reading the email a little more closely.
Be careful not to call any telephone numbers on the suspect email – these are often fake as well.

If you have any concerns about an email or text you have received, then you should leave it and report it to your bank. Phishing scams come in all shapes and sizes, so it always pays to be careful when online. Never click on a link in an email or text unless you have verified it to be a proper communication.

4. Be careful if you are using a public Wi-Fi

These days Wi-Fi is everywhere. From shops and superstores to cinemas, restaurants, bars, pubs and even bus stations you can log-on to a public Wi-Fi and start to surf the net. However, these public Wi-Fi areas are nowhere near as secure as the password-protected Wi-Fi you use at home. When the password is pinned up over the bar or printed in a menu this is not a secure network!

If possible, never use a public Wi-Fi to login to your bank via the internet or an app. It is frighteningly easy for criminals to access your details if they are logged into the same private Wi-Fi as you.

If you absolutely must use a public Wi-Fi service, then make sure you use a virtual private network (VPN).

What is a VPN?

Simply put, a virtual private network hides your IP address from unfriendly electronic eyes. Any mobile security app worth its salt will have this feature to keep you safe on public Wi-Fi.

5. Invest in anti-virus software and keep it up to date

Anyone who uses a home PC, laptop, tablet or smartphone knows that using the internet without some form of anti-virus or security software is like swimming in a crocodile-infested river. You might get lucky for a while but eventually it’s not going to end well.

Online security software should have at least a firewall and anti-virus elements to be effective and, considering that there are even free-to-use programs out there, the cost can be as high or low as you like. Ideally, your security software should also scan incoming emails to filter out any containing viruses. Some even have anti-phishing features that will alert you to suspicious emails looking to trick you into disclosing your security details.

Just as with the real world, electronic viruses are constantly evolving – some are dying out, new ones are popping up and some are changing to better steal your money. Therefore, it’s important that you keep your antivirus or security software up to date. Just as last year’s flu jab may be no protection against this year’s flu virus, just so your antivirus needs to be recent and relevant to help protect you.

What is two-factor authorisation?

Many websites – especially for online banking and credit cards – are starting to introduce what’s called ‘two-factor authorisation’ (sometimes also called two-step authentication). This is designed to make your transactions even more secure by sending you a text message with a unique code every time you log-in.

This means that even if a criminal has your login details and password they will not be able to access your account, unless they also have your mobile phone too. This is also valuable to alert you instantly if someone other than you is trying to access your account.

6. Be careful what you share publicly on social media

Social media has become almost intrinsic in our everyday lives. Almost without thinking we broadcast:

  • Pictures of ourselves
  • Our birthdays
  • Where we live
  • Where we were born
  • The names of relatives, friends and pets
  • Our hobbies and pastimes
  • The films, books and music we like
  • Even what TV programmes we are watching…

For some people, this is the same information they use to answer their banking security questions used to identify themselves to their bank. A cyber-criminal can sit back and harvest all the important information they need in short order, simply by looking at your social media accounts.

To avoid the nightmare of having your identity stolen and your bank account cleaned out, be careful what you post:

  • Restrict who can see your profile information to people you have linked to and avoid making anything ‘public’.
  • Only link to people you know or limit the access you give to a casual acquaintance or a ‘friend of a friend’, if you are able.
  • When it to comes to your memorable information and security questions for online banking, play safe and use info that doesn’t appear on your social media. If you must use info that others can guess in banking security questions, then deliberately reverse the words or scramble them so it is memorable to you but that a criminal won’t know.

Disclaimer: This information is intended solely to provide guidance and is not financial advice. Moneyfacts will not be liable for any loss arising from your use or reliance on this information. If you are in any doubt, Moneyfacts recommends you obtain independent financial advice.

At a glance

  • Use different passwords for different sites.
  • Change your passwords regularly and make them difficult to crack.
  • Avoid using names, birthdays and other personal details that might be visible on social media.

Guide contents

Cookies will, like most other websites, place cookies onto your device. This includes tracking cookies.

I accept. Read our Cookie Policy