Secure Online Banking
Virtually every financial institution is using the internet to communicate and allow customers to conduct transactions online. Customers today expect this convenience and, if done securely, these transactions can be as safe as those conducted in person.
Start with the Basics
Ask yourself the four questions below. If your answer is yes to all, your chances of being impacted by a cyber incident are low. If any of your answers are no, then your chances of being impacted by a cyber incident are high. Understand these risks and take the recommended actions.
Is My Computer as Secure as Possible?
Using an unsecured computer is like leaving the door of your house wide open: you are making it easy for someone with malicious intent to access your property. An unprotected machine can become infected with malware in a matter of moments, leaving you vulnerable to identity theft or other crimes.
Having up-to-date security software protection isn't an option; it's a requirement and should become as automatic as locking your doors when you leave your house. Be sure your computer is current with all operating system and application software updates. Anti-virus and anti-spyware software should be installed, running and receiving automatic updates.
In addition to taking precautions when using your own computer, practice vigilance when using someone else's. Don't use public computers or public networks for financial or other sensitive transactions. You have no control over the security of a public computer or public wireless network.
Is My Connection to the Internet as Secure as Possible?
Simply connecting to the internet makes you vulnerable to a potential attack. Using a firewall helps minimize risks by blocking malicious traffic to your computer. Make sure you have a firewall that it is turned on and kept updated. New computers may be shipped with it on by default, but you should double-check.
Just as your wallet contains lots of important and personal information that you wouldn't want to lose, so do your portable devices. Never store your laptop as checked luggage. If there is a room safe available at your hotel, use it to securely store your devices.
When entering sensitive information onto a website, look for the "https://" and check that the lock icon is present in the URL bar. This indicates that your communications are encrypted. Also pay attention to the browser you use to connect to the Internet. Keep it updated and patched, and set to auto update. If you are using a wireless network to connect to the internet, make sure encryption is enabled and change the default network name and password that come with the wireless router.
Is My Password as Secure as Possible?
Strong passwords don't have to be hard to remember, just hard to guess. A good password is at least 10 characters and uses a mix of uppercase and lowercase letters, and numeric or special characters. Each of your online accounts, especially financial ones, should have its own strong password so that if one is compromised, the attacker does not have automatic access to your other accounts.
Do I Know How to Recognize a Scam?
Keeping your computer secure is only part of the equation when conducting online banking.
You need to be alert for scams and the things you can do to protect yourself. Phishing is one of the most common scams attackers use. A phishing scam typically consists of an email that tries to entice the recipient into clicking a link or downloading an attachment. A phishing scam targeting your financial accounts will consist of an email message notifying you of a "problem" with your account and asking you to click on a link to your "financial institution's" site and submit sensitive information. This site, however, is a very convincing fake version of the legitimate site. This website may then prompt you to provide personal information such as social security number (SSN), financial institution account or credit card numbers, and/or it may download malicious software onto your computer.
Instead of clicking on the link to your financial institution's website embedded in an email, navigate to the financial institution's website on your own by typing the address directly into your browser. Beware of attached files, as they may contain malware. Open attachments only from trusted sources, and if you are in doubt, don't open it at all. You may also consider using anti-phishing software to help block many phishing-related emails.
Remember, no legitimate financial institution will ever ask you to provide sensitive information in an email.