And did you know that with online banking, you're able to set up SMS notifications or update your personal particulars and passwords? It's super fast and easy - this essential step acts as a really important safeguard for your wealth and digital security. Make sure your anti-virus, anti-spyware and firewall software is updated regularly and that you're using the newest versions at all times.
Update your internet browser to the latest available version, no matter whether you're going online from your mobile phone, laptop, desktop computer or tablet. Select a strong password consisting of letters, numbers and symbols in a combination that's memorable to you, but difficult for strangers to crack. Also, don't forget to change your password regularly and never share your password with anyone.
On the topic of passwords, pick a password used solely for your online banking activities and HSBC Mobile Banking apps. Also, remember that HSBC will never ask you for your password. If someone contacts you claiming to be from HSBC and requests your password, ignore it and reach out to us immediately. You might expect that bank accounts should be at least as secure as an email or social media account but our research has found that some banks are still lagging behind. It may seem heavy-handed to force customers to use a second device but passwords alone are no longer good enough.
Weak login details can be stolen, leaked, or easily gleaned from social media sites and if a hacker penetrated the first layer of defence, they would have access to sensitive details such as payment history and card numbers, which could make any subsequent scam attempts more convincing.
Some banks offer a physical device to generate unique one time passcodes OTPs that serve as evidence of 'possession'. Most banks also let you authenticate yourself at login via the mobile banking app in some cases, you can simply use fingerprint ID to let them know it's you logging in. Nationwide, Tesco Bank, the Co-operative Bank, Triodos and Virgin Money are the only current account providers who don't yet offer this.
A more common option is OTPs sent via text message to a mobile phone but we want providers to phase these out as they are vulnerable to Sim-swap attacks. Lloyds Banking Group includes Halifax and Bank of Scotland customers can choose to pass security by supplying a six-digit number via an automated phone call to their landline.
If you are struggling to receive codes sent by your bank via SMS due to bad reception, some networks offer Wi-Fi Calling which lets you connect via your wireless broadband. Banks should still monitor your accounts for unusual activity Lloyds asks you to reconfirm trusted status when you use a new browser or clear your browser history.
Tesco Bank was the only bank that told us it never asks users to re-authenticate trusted devices. New name-checking system called Confirmation of Payee CoP has been introduced to prevent payments being made to the wrong bank accounts, but not all banks have implemented this vital layer of security.
Previously, all banks processed online transfers using the account details only and took no notice of the name entered. This flaw causes misdirected payments if people accidentally enter the wrong digits and can be abused by criminals who impersonate trusted organisations to trick people into transferring money directly into accounts they control.
You can still choose to ignore these warnings and authorise the payment regardless, though banks make a point of stating that you do so at your own risk. CoP checks payments using the Faster Payments system including standing orders and CHAPs high-value payments , whether they are made online, via your mobile banking app or in a branch.
The most obvious benefit to CoP is that it significantly reduces the risk of you making a bank transfer to the wrong account. We hope to see this figure drop when we ask again next year. Banks and building societies who offer Faster Payments must follow the credit payment recovery process if you do make a mistake, by contacting the receiving bank on your behalf within two days of you reporting the mistake.
It is hoped that CoP will also protect people from losing money to bank transfer fraud , also known as authorised push payment APP fraud. Monzo and Starling were the first banks to sign up for CoP voluntarily. Revolut - an e-money firm - started offering CoP checks in January Metro Bank and Virgin Money still do not offer CoP, even though this would help protect their customers from sending money to the wrong account.
In November , Which? Money discovered that certain Starling customers had missed out on these checks for an entire month following a system update. The biggest threat to banking security comes from using a compromised device.
Although phones are more easily lost or stolen, apps are in some ways safer than using a computer to log in to your bank account. This is because apps in the official app stores are vetted by Apple and Google, whereas PCs can run software from any source. It's also more difficult to plant a keylogger in an Android or iOS device software used to track every key you press and potentially steal usernames and passwords.
But, thanks to competition from innovative mobile-only banks Monzo and Starling, many high street banks have started to improve app security features:. Smartphone users tend to keep their devices with them, so it's a quick way to contact your bank if something goes wrong. Instant card freezing, where you can temporarily block your card in-app without having to call or visit a branch, is now offered by all of the banks we tested except The Co-operative Bank, TSB and Virgin Money.
Monzo and Starling are the only current account providers offering real-time notifications - meaning customers get alerts via the apps every time a payment comes in or out. These notifications make it much easier and quicker to spot fraudulent transactions. High-street banks are working towards this, for example, Barclays alerts mobile banking app users to large credit or debit payments and overseas payments.
But most are a way behind the digital challenger banks. Find out more: challenger banks - we review the new wave of mobile-first banking brands. Telephone fraud, or vishing, is particularly sneaky. They may use cheap software to make the call seem legitimate, for example, number spoofing software displays false caller-ID information to trick you into thinking that their number belongs to your bank or another legitimate business.
This software is used by legitimate businesses - including the Which? Tech Support team and many IT support firms. But criminals abuse accounts to hack into email and bank accounts. Call-blocking services and phones offer some respite from unwanted calls but the easiest way to stay safe is to hang up and call back on a phone number you trust such as the number your bank provides on the back of your debit card. Stay one step ahead by learning these seven ways to spot a scam and follow these ten tips to keep the cash in your bank account safe:.
This essentially creates a private network that only you can access. Norton, for example, offers this feature. Banking alerts and notifications are one of the easiest ways to stay on top of your banking activity and to monitor security.
Depending on how your bank operates, you may be able to enroll in email or text alerts to receive notifications. The kinds of alerts you may want to set up include notifications for new credit and debit transactions, failed login alerts, password change alerts and outgoing wire transfer alerts.
You could then log in yourself and change the password to make it more secure. Notifications also can help if someone does manage to hack your account and make a fraudulent purchase. You can notify the bank right away that your online banking details have been compromised, to prevent any additional fraudulent activity. Phishing is one of the most common methods identity thieves use to gain access to personal and financial information.
This kind of scam usually involves tricking you into giving up your information. For example, you might get an email that looks as if it came from your bank, telling you that you need to log in to your online account and update your information.
You click the link and log in to what appears to be a legit site but is actually a dummy site. Or, clicking a link automatically downloads tracking malware to your computer that allows identity thieves to log your keystrokes. Then, instead of clicking links, hover over them to see where the link text leads to. The same goes if you receive a phone call from your bank or anyone else asking for your banking information. A common phishing scam, for example, involves calls from someone claiming to be an IRS representative demanding money for unpaid taxes.
This can be an easy way to test whether the call is a scam. Financial apps, including mobile banking apps, can help with everything from doing your banking to paying bills to sending money to shopping. The next step is being careful with whom you allow to access your online and mobile banking details.
For example, you might be thinking of using a robo-advisor or budgeting app to manage your money. These apps may ask you to share your login credentials for online banking so they can pull information to create your financial picture. Before downloading financial apps from the app store, check the ratings first. Online banking gives you control over your financial life at the touch of a button, but, as with anything else online, there are risks when it comes to security.
Also, remember to keep up with basic security housekeeping duties for your devices. For example, fraudsters often use so-called phishing scams, in which they send out emails or text messages pretending to represent a financial institution in the hopes of hooking an unsuspecting consumer. If you reply, the criminal could use the information to illegally make purchases or withdraw money from your account. Choose an institution that uses industry-standard security.
You probably already want a bank or credit union that offers accounts with low fees and high interest rates. Then, make sure your online accounts are backed by robust technology, like the measures mentioned above. One other example is multifactor authentication. It could be a unique passcode sent to your smartphone as a text message, or even your own fingerprint. Many of the larger online banks — and traditional institutions with online accounts — adhere to these standards, so it should be easy to find a bank or credit union that fits the bill.
Skip public Wi-Fi for private banking. The security of your private home network is ideal. If you have to log in while away from home, consider using your cellular data plan instead of Wi-Fi, or a virtual private network, known as a VPN.
Keep anti-virus software current. Make sure yours is up to date on your home computers and mobile devices.
0コメント