Just How Safe Is Online Banking?

Uploaded on 2016-12-07 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

More and more people are choosing the convenience of banking online. But is it safe? What can you do to make sure your bank account isn't emptied by fraudsters?

Fraud is a constantly evolving problem but, broadly speaking, these are the main ways scammers can actually get their hands on your money:

1.    Remote purchase or ‘card not present’ fraud

By far the most common type of fraud, with losses of £398.2m in 2015, remote purchase is when card details are stolen, for example, through a computer virus or an unsolicited email/phone call. See 6. Phishing and Vishing, and used to buy things online, by phone or mail order.

2.    Counterfeit (cloned/skimmed) fraud

When a fake card is set up using stolen details from the magnetic stripe on a card. Crooks can use the cloned card in countries where chip and Pin isn’t available, such as the US.

3.    Fraud on lost or stolen cards

These can be used online, over the phone or in shops that don’t have chip and Pin. Criminals also ‘shoulder surf’ to watch people enter their Pin and then use it more widely. Read about your rights if your card has been lost or stolen. 

4.    Card identity theft

This takes two forms: account takeover, where a fraudster infiltrates an existing account to order a new card and Pin, and application fraud, setting up a new account using stolen details. 

5.    Card non-receipt

When fraudsters steal post to intercept a new/replacement card, then use it to commit card fraud and ID theft. Anyone with a communal letterbox is at greater risk of this type of fraud. Take our test to see if you're at risk of identity theft. 

6.    Phishing/Vishing

Phishing emails are sent by criminals posing as genuine companies such as a bank or HMRC. Clicking on a link takes you to a fake website where fraudsters steal financial or personal details. You type in your security details, thinking they’re secure, and unwittingly pass them on to thieves.

Or, the link might install malicious software, malware, on your computer as another means to capture details. Thieves can steal your password by tricking you into installing a program on your computer that records what you type, so when you next log on to your online account, the program secretly records your password details. It then sends them to a thief over the Internet. 

Telephone fraud, or vishing, is particularly sneaky. Fraudsters call up pretending to be the police or your bank’s fraud department and warn you that your account has been compromised to trick you into moving your money somewhere ‘safe’. Some tell you to call the genuine number for your bank to ‘verify’ the call, then play a dialing tone while they stay on the line, before posing as your bank and conning you into giving them sensitive information. 

Protecting your online bank account

The two key ways thieves can access online bank accounts are through phishing and password theft, but it’s easy to protect yourself from these and other scams.  

Common sense is the best protection against phishing scams. Don’t click on any links in emails that say they’re from your bank. Instead, type your bank’s full website address into your browser. If you want to double-check if a message is genuine, ring your bank.

Good security software will protect your computer against malicious software, as will not opening any email attachments you're not expecting and avoiding downloading files from websites you don’t trust.

Know your rights: Think you may have given a fraudster your bank details? Find out what to do.

If you're a victim of online bank fraud

You should regularly check your account online to pick up on any irregularities and contact your bank as soon as possible if you think you've been a victim of fraud. Your bank is responsible for passing details of the fraud to the police.

Your bank must refund the amount of the transaction and restore your account to the state it would have been in had the transaction not be made, unless it can prove that you've acted fraudulently or been grossly negligent. Importantly, you don't have to prove that you didn't authorise the transaction.  

Which:            Hackers Target All The Major UK Banks:               Big Hack At Tesco Bank – Money Vanished:
 

« Yes, Russia Weaponised Social Media In The US Elections
Banks Plan To Hoard Bitcoins »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Identiv

Identiv

Identiv is a global security technology company that establishes trust in the connected world, including premises, information and everyday items.

Andrisoft

Andrisoft

Andrisoft develops WANGUARD, an anti-DDoS Software solution that monitors IP traffic using packet-based and flow-based Sensors, and protects networks

EG-CERT

EG-CERT

EG-CERT is the national Computer Emergency Response Team for Egypt.

4iQ

4iQ

4iQ fuses surface, social, deep and dark web sources to research and assess risks to people, infrastructure, intellectual property and reputation.

Israel Aerospace Industries (IAI)

Israel Aerospace Industries (IAI)

IAI offers a holistic approach that provides defense forces, governments, critical infrastructures and large enterprises with end-to-end cyber security & monitoring tools.

Honeynet Project

Honeynet Project

The Honeynet Project is a leading international non-profit security research organization, dedicated to investigating the latest attacks and developing open source security tools.

Zecurion

Zecurion

Zecurion data loss prevention (DLP) solution is an easy-to-use solution for securing confidential data at rest and in motion.

Keynetic Technologies

Keynetic Technologies

Keynetic focuses on developing cybersecurity solutions for Industry 4.0.

CorkBIC International Security Accelerator

CorkBIC International Security Accelerator

CorkBIC International Security Accelerator invests in early stage disruptive companies in the security industry including, Cybersecurity, Internet of Things (IOT), Blockchain and AI.

CyberNet Albania

CyberNet Albania

Cybernet Albania has been providing IT support and services to small businesses since 2016. We strive to eliminate your IT issues before they cause downtime and impact your operations.

Kocho

Kocho

Kocho (formerly TiG) is a provider of identity and access, cyber security, cloud transformation, and managed IT services.

Kontex

Kontex

Kontex is a Cyber Security consultancy creating resilient solutions. From Strategy, Advisory and Implementation to Management and everything in between.

CYSIAM

CYSIAM

CYSIAM provides world-leading expertise in offensive security and critical incident response. We train our clients to be able to protect themselves and respond to attacks and breaches when they occur.

Private Client Cyber Security (PCCS)

Private Client Cyber Security (PCCS)

PCCS provides enterprise-grade cybersecurity consulting and services to professional practices, executives, athletes, and high net worth families.

European Data Protection Supervisor (EDPS)

European Data Protection Supervisor (EDPS)

The EDPS is the European Union’s independent data protection authority. We monitor and ensure the protection of personal data and privacy when EU institutions and bodies process personal information.

Anthropic

Anthropic

Anthropic is a Public Benefit Corporation, whose purpose is the responsible development and maintenance of advanced AI for the long-term benefit of humanity.