Is Online Banking Safe? If You Do It Right

Summary: There are many cyber security risks related to online and mobile banking. Learn about the risks and the current attack methods in use by bank fraud cyber criminals. There are ways to reduce the risks and protect your online banking transactions.

Mobile banking has been around for decades and is used more than ever. Over 44 percent of banking is done through mobile apps. However, along with the rise in online banking, cyberthieves continue to develop new ways to attack online financial activities and steal money.

Are Banking Apps Safe?

While there are no guarantees concerning cyber security, it is widely accepted that mobile banking apps are safe if you follow standard cyber security best practices. Banks spend significant resources locking down their online banking cyber security. However, banking customers should be aware of the types of cyberattacks that are part of the current attack landscape:

• Counterfeit Banking Apps – Hackers design bogus banking apps to look and function like the authentic apps. You should only download banking apps certified by your bank. As financial institutions, banks typically have the most advanced data encryption and safeguards.
• Banking App Trojans – Using banking apps that are not verified by your bank can open the door for trojan horse attacks trojan malware surreptitiously downloads along with illicit apps. Then, when an authenticated banking app is opened, the malicious code comes to life and creates a pop-up that fills the screen and appears to be the bank’s legitimate login page. Once the login credentials have been entered, the user is logged into the bank’s legitimate login page without their knowledge. If this happens, your online banking is compromised.

Mobile Banking Security

The COVID-19 pandemic launched unprecedented levels of remote-access work. Pandemic lockdowns left employers scrambling to create new remote work models and security experts laboring to keep the post-pandemic workforce safe. Working on home networks presented many unique cyber security challenges. However, working outside your home network, using mobile devices such as cell phones, tablets and laptops, is even less secure. This means that mobile banking security is more complex than security of online banking performed in your home office. Banking while out and about presents new vulnerabilities. However, there are simple steps to make mobile banking more secure:

• Only Use Certified Mobile Banking Apps from Your Bank – By using your bank’s own app, you will get a clean, virus-free download. Also, when using your bank’s official app, you will also get all the cyber protections built into their platform.
• Use Strong Passwords – Using birth year, anniversaries or 2222 for passwords is no longer an option. Hackers have developed automated ways to guess simple passwords associated with things in your life. Unique, multi-character passwords containing a combination of upper- and lower-case letters, numbers and special characters are best. Cyber security professionals now recommend using a password manager (also known as a password locker). A reputable password management app will generate complicated passwords and securely store them for you. You can access them from any device.
• Only Access Online Banking Apps Using Multifactor Authentication – Multifactor authentication (MFA) has become standard for banking apps. With a 400% increase in cybercrime over the last few years, MFA has become a robust second line of defense for logging into online banking apps. With MFA, you are sent a random security code after entering your credentials, usually by text or email. Because the code is for one-time use and is randomly generated, MFA affords the user a great extra layer of cyber security. If you suddenly get a code when you are not trying to log in, it means someone is trying to break into your bank account.
• Do not Use Public WiFi for Online Banking – Cybercriminals love public WiFi. Unfortunately, public WiFi is an unsecured internet connection and, therefore, easy to breach. Unless you use a Virtual Private Network (VPN), you should avoid using public WiFi for all private online activities, especially banking.
• Be on “High Alert” for Phishing and Smishing Attacks – Users are responsible for their own cyber security and must learn how to protect themselves. Phishing (via emails) and smishing attacks (via texts) are created to fool users into believing the communications are from trusted sources. However, close inspection will reveal differences, particularly in the domain name associated with the sender. For example, a hacker might create an email address such as “JohnDoe@qmail.com.” At first glance, it appears to be from a Gmail account. However, it actually says “@qmail.com. One letter is easy to miss. That is why it is wise to slow down and “think before you click.” Smishing uses the same approach in text messages.
• Create Warning Alerts – Setting up alerts for suspicious banking activity is another way to stop or mitigate online banking cyberattacks. Then, when receiving an alert, it should be addressed as soon as possible by contacting the bank security department directly (not using a suggested phone number in a text).

Mobile banking and mobile banking app security is no joke. Banks work very hard to provide the most secure online banking experience. However, the vigilance of online banking customers monitoring their cyber security is essential to protecting online banking transactions. Finally, conforming to suggested banking security best practices is part of basic cybersecurity. Users must be part of their own cyber defense team and learn to avoid the risky behaviors that lead to financial cybercrimes. Contact you IT technician to schedule the installation of VPNs, password managers or for a network and device security assessment. Online banking is safer if you follow security rules and best practices.