8 tips for safer online banking

Online banking is nice and convenient.  It does come with certain risks however.  Just as you hear of people being robbed at ATMs, or having their cards cloned, so online accounts are also a point of vulnerability.

Follow these 8 tips and you can minimise the risks to your finances and bank safely online:

1. Choose an account with two factor authentication

Try to get a bank account that offers some form of two factor authentication for online banking.

These days many, but not all, banks offer a small device that can be used to generate a unique code each time you log in.  This code is only valid for a very short period of time and is required in addition to your login credentials in order to gain access to your online account.

2. Create a strong password

If your bank requires a user-generated password in order to access online accounts make sure you choose one that is strong.  The best way to achieve this is by making it long and a mix of upper and lower case letters, numbers, and special characters.

Always avoid using any common words or phrases and never create a password that contain your name, initials, or your date of birth. If your bank allows it, change your password every few months.

When setting up online banking, if your bank asks you to provide answers to some standard security questions remember that the answer you give doesn’t have to be the real one.  So if you are asked to provide your mum’s maiden name to a security question, respond with a random answer like “Radio Star”. Use a password manager if you are concerned about how to remember everything!

3. Secure your computer and keep it up-to-date

Security software is essential these days, regardless of what you use your computer or laptop for.

As a minimum, make sure you have a firewall turned on and are running antivirus software.  This will ensure you are protected from Trojans, keyloggers and other forms of malware that could be used to gain access to your financial data.

You’ll also want to keep your operating system and other software up-to-date to ensure that there are no security holes present.

4. Avoid clicking through e-mails

No financial institution worth their salt will send you an e-mail asking you to provide any of your login details.

If you receive an e-mail that appears to be from your bank that asks for such details then treat it with suspicion as it may well be a phishing attempt to trick you into handing your credentials over.

Likewise, be aware of links in e-mails that appear to be from your bank – this is a trick often employed by the bad guys to get you onto a website that looks like your bank.  When you log in to ‘your account’ they will steal your username and password and, ultimately, your cash.

It is always safer to access your online bank account by typing the address into your browser directly.

Also, be aware of unsolicited phone calls that purport to be from your bank.  While your financial institution may require you to answer a security question, they should never ask for passwords or PINs (they may ask for certain letters or numbers from them, but never the whole thing).

If in doubt, do not be afraid to hang up and then call your bank back via a telephone number on your statement or go in branch yourself.

5. Access your accounts from a secure location

It’s always best practice to connect to your bank using computers and networks you know and trust.  If you need to access your bank online from remote locations you might want to set up a VPN (Virtual Private Network) so that you can establish an encrypted connection to your home or work network and access your bank from there.

Look for a small padlock icon somewhere on your browser and check the address bar – the URL of the site you are on should begin with ‘https’.  Both act as confirmation that you are accessing your account over an encrypted connection.

6. Always log out when you are done

It is good practice to always log out of your online banking session when you have finished your business.  This will lessen the chances of falling prey to session hijacking and cross-site scripting exploits.

You may also want to set up the extra precaution of private browsing on your computer or smart phone, and set your browser to clear its cache at the end of each session.

7. Set up account notifications (if available)

Some banks offer a facility for customers to set up text or e-mail notifications to alert them to certain activities on their account.  For example, if a withdrawal matches or exceeds a specified amount or the account balance dips below a certain point then a message will be sent.

Such alerts could give quick notice of suspicious activity on your account.

8. Monitor your accounts regularly

It should go without saying that monitoring the your bank statement each month is good practice as any unauthorised transactions will be sure to appear there.

Why wait a whole month to discover a discrepancy?  With online banking you have access 24/7 so take advantage of that and check your account on a regular basis.  Look at every transaction since you last logged in and, if you spot any anomalies, contact your bank immediately.