Just How Safe Is Online Banking?

More and more people are choosing the convenience of banking online. But is it safe? What can you do to make sure your bank account isn't emptied by fraudsters?

Fraud is a constantly evolving problem but, broadly speaking, these are the main ways scammers can actually get their hands on your money:

1.    Remote purchase or ‘card not present’ fraud

By far the most common type of fraud, with losses of £398.2m in 2015, remote purchase is when card details are stolen, for example, through a computer virus or an unsolicited email/phone call. See 6. Phishing and Vishing, and used to buy things online, by phone or mail order.

2.    Counterfeit (cloned/skimmed) fraud

When a fake card is set up using stolen details from the magnetic stripe on a card. Crooks can use the cloned card in countries where chip and Pin isn’t available, such as the US.

3.    Fraud on lost or stolen cards

These can be used online, over the phone or in shops that don’t have chip and Pin. Criminals also ‘shoulder surf’ to watch people enter their Pin and then use it more widely. Read about your rights if your card has been lost or stolen. 

4.    Card identity theft

This takes two forms: account takeover, where a fraudster infiltrates an existing account to order a new card and Pin, and application fraud, setting up a new account using stolen details. 

5.    Card non-receipt

When fraudsters steal post to intercept a new/replacement card, then use it to commit card fraud and ID theft. Anyone with a communal letterbox is at greater risk of this type of fraud. Take our test to see if you're at risk of identity theft. 

6.    Phishing/Vishing

Phishing emails are sent by criminals posing as genuine companies such as a bank or HMRC. Clicking on a link takes you to a fake website where fraudsters steal financial or personal details. You type in your security details, thinking they’re secure, and unwittingly pass them on to thieves.

Or, the link might install malicious software, malware, on your computer as another means to capture details. Thieves can steal your password by tricking you into installing a program on your computer that records what you type, so when you next log on to your online account, the program secretly records your password details. It then sends them to a thief over the Internet. 

Telephone fraud, or vishing, is particularly sneaky. Fraudsters call up pretending to be the police or your bank’s fraud department and warn you that your account has been compromised to trick you into moving your money somewhere ‘safe’. Some tell you to call the genuine number for your bank to ‘verify’ the call, then play a dialing tone while they stay on the line, before posing as your bank and conning you into giving them sensitive information. 

Protecting your online bank account

The two key ways thieves can access online bank accounts are through phishing and password theft, but it’s easy to protect yourself from these and other scams.  

Common sense is the best protection against phishing scams. Don’t click on any links in emails that say they’re from your bank. Instead, type your bank’s full website address into your browser. If you want to double-check if a message is genuine, ring your bank.

Good security software will protect your computer against malicious software, as will not opening any email attachments you're not expecting and avoiding downloading files from websites you don’t trust.

Know your rights: Think you may have given a fraudster your bank details? Find out what to do.

If you're a victim of online bank fraud

You should regularly check your account online to pick up on any irregularities and contact your bank as soon as possible if you think you've been a victim of fraud. Your bank is responsible for passing details of the fraud to the police.

Your bank must refund the amount of the transaction and restore your account to the state it would have been in had the transaction not be made, unless it can prove that you've acted fraudulently or been grossly negligent. Importantly, you don't have to prove that you didn't authorise the transaction.  

Which:            Hackers Target All The Major UK Banks:               Big Hack At Tesco Bank – Money Vanished:
 

« Yes, Russia Weaponised Social Media In The US Elections
Banks Plan To Hoard Bitcoins »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Micro Systemation AB (MSAB)

Micro Systemation AB (MSAB)

MSAB is a leader in the provision of forensically secure tools for the extraction and analysis of data from mobile devices.

INSUREtrust

INSUREtrust

INSUREtrust is a pioneer in the industry, inventing the concept of cyber insurance.

Secusmart

Secusmart

Secusmart provide highly secure and encrypted speech and data communication solutions.

Me Learning

Me Learning

Me Learning provides engaging, informative and clearly explained learning materials for complex and challenging professional environments in areas including GDPR and Information Governance.

Sera-Brynn

Sera-Brynn

Sera-Brynn is one of the highest-ranked, pure-play cybersecurity compliance and advisory firms in the world.

TAC Security (TAC Infosec)

TAC Security (TAC Infosec)

TAC Security (aka TAC Infosec) is a leading and trusted cyber security consulting partner that specializes in securing the IT infrastructure and assets of enterprises.

AlertSec

AlertSec

AlertSec Ensure is a U.S. patented technology that allows you to educate, verify and enforce encryption compliance of third-party devices.

Raonsecure

Raonsecure

Raonsecure is one of Korea’s leading ICT security software companies – providing a variety of PC and mobile security solutions to financial institutions, government, and enterprise.

JaCIRT

JaCIRT

JaCIRT is the national Cyber Incident Response Team for Jamaica, established to deliver on the mandate outlined in the GoJ’s National Cyber Security Strategy.

Gotham Digital Science (GDS)

Gotham Digital Science (GDS)

Gotham Digital Science is an international security services company specializing in Application and Network Infrastructure security, and Information Security Risk Management.

OneLayer

OneLayer

OneLayer provide enterprise grade security dedicated for private LTE/5G networks. We ensure that the best IoT security toolkit is implemented in your cellular environment.

Bright Pixel Capital

Bright Pixel Capital

Bright Pixel Capital is a venture capital company with a focus on Cybersecurity, Retail Technologies, Digital Infrastructure and Emerging Technologies.

StrongBox.Academy

StrongBox.Academy

StrongBox.Academy provides cybersecurity training courses that are tailored to the specific needs and challenges of the industry.

Prikus Tech

Prikus Tech

Prikus is a full-fledged Cyber Security Company helping organizations worldwide to manage cyber risks. We offer Risk & Compliance Services, Security Testing & Managed Security Services.

Attestiv

Attestiv

Attestiv puts authenticity into photos, videos and documents by utilizing advanced technologies in AI and tamper-proofing.

Scality

Scality

Scality storage unifies data management from edge to core to cloud. Our market-leading file and object storage software protects data on-premises and in hybrid and multi-cloud environments.