Checking your account balance, paying bills and managing your finances...nowadays, it is pretty normal to do all these things online. However, are you sure you really do them in the most secure way? Since ESET is a partner and active participant in European Cyber Security Month, October offers us a good opportunity to offer some top tips for safe and secure online banking.
- Use a trustworthy device
The first and most basic principle when connecting to your online account is to use a trustworthy device. Your own computer, tablet or smartphone is mostly the best choice, as you would be more likely to notice any suspicious activity (such as your device acting strangely). If possible, try to avoid using borrowed or public devices that might put your account and savings at risk.
- Be careful where you connect
Not every internet connection is secure enough to be used for online banking or payments. Public Wi-Fi in your favourite coffee shop or a random network available at the town square may not necessarily be the best options to check your savings or pay bills. If you have to use this kind of connection, use a virtual private network (VPN) to keep your communications encrypted (and unreadable to anyone who would try to intercept them).
- Update your computer to the max
Keep your operating system and software up-to-date. This closes loopholes cybercriminals are looking to exploit (which also allows them to infect your machine). To save yourself time and maximise your protection, many programmes offer automatic updates and can check for patches or new versions themselves, without requiring your attention.
- Use a reliable and updated security solution
Before you connect to your online banking account or pay for anything online, install a reliable, multilayered and updated security solution. This offers protection from multiple types of malware, as well as malicious tricks that might be disguised as harmless emails or websites luring you into giving up your sensitive information.
- Create a strong password and don’t reuse it
Ask yourself, is your password for your online banking account really secure? If you are not sure what that entails, this short guide is really useful.
One of the most important rules is to never reuse your password. We understand that it’s difficult to come up with a complicated, hard to guess combination every time, but using the same password for your bank, social media and other accounts can lead to disaster in case it leaks from any one of them. A very useful and easy to remember alternative is a pass phrase. Also, you can use a password manager that will store all of them and allow you to remember just one master password.
- Use two-factor authentication
If your bank offers two-factor authentication (2FA) for your online account, use it. This way the bank can double check if it is/was really you connecting or making a transaction by using something only you have – such as your personal smartphone. So even if your password ends up in the wrong hands, without the second verification it is useless.
- Don’t get lured into traps
Cybercriminals will literally try anything to get to your sensitive information or data, like pretend they are your banker, pose as a notification, or ask you to change the password via a link added to the email you just received.
Those are just some of the lies they will try to in order to trick you into giving up payment card data or the password to your account. Remember, if you get any message asking you to change your banking credentials or to click on a link, be confident that it’s genuine. Your best shot is to contact them over the phone or stop by in person.
- Use the log out button
Not using your online banking anymore? Log out. If an attacker tries to hijack your session, without being logged into the account, he/she can do less damage.
- Activate notifications via SMS
If you are one of those people who check their online banking account once a month or even less frequently, set up notifications to your phone. Having information about all the current transactions makes it much easier to recognise any suspicious activity.
Article by Ondrej Kubovic, blogger for We Live Security