Just because your money’s in the bank doesn’t necessarily mean it’s safe. This November, 9,000 customers of Britain’s Tesco Bank lost 2.5 million pounds (equivalent to $3.14 million) in a weekend in the largest successful cyberheist of a British bank to date. 1 in 15 customer accounts were affected, forcing the bank to temporarily suspend all online debit transactions and contactless card payments. The money was stolen by thieves using mobile phone payments in the U.S. and Brazil to buy low-priced goods from retailers such as Best Buy.
Chatroom conversations on underground websites indicate the thieves were aided by a bank insider who provided customer details. Unfortunately, any bank is vulnerable to an insider attack, but there are still some steps you can take to help keep your bank account secure against some of today’s most common threats.
Staying Safe During Online Transactions
While the Tesco robbery appears to have been an inside job, thieves can also target you when you’re accessing your bank account online or using your bank debit or credit card to pay for transactions online. To protect yourself, one step you should take is using smart passwords, with a mix of capital and lowercase letters, numbers and symbols, Aite Group senior analyst Shirley Inscoe recommends. Don’t use your Social Security Number as part of your PIN. Never give your PIN number to anyone or disclose it by email or over the phone.
Don’t store PIN numbers, Social Security Numbers or other sensitive information on the device you log into your bank’s site with. Use financial apps that don’t store your information on your device. Protect your device by turning on two-factor authentication safeguards such as passcodes and fingerprint ID. Keep your device’s operating system and browser up to date and use anti-virus software to stay current on the latest security fixes.
When accessing your bank’s site, use secure networks such as VPN networks rather than using a public Wi-Fi network. If possible, log on using your bank’s app rather than a PC or laptop. Make sure you get the official app from your bank’s site rather than an app store. When logging into websites, use sites with a HTTPS prefix in their URL.
Sign up for paper statements so you have a permanent record of balances and transactions. Check your account daily and review your bank statement monthly to monitor suspicious activity. A financial protection service such as LifeLock can assist you with this by providing automated monitoring, as well as helping you recover your assets in the event you become a target of identity thieves.
Guarding Against Online and Offline Fraud
Fraud can occur whether you’re online or offline. Authorities believe that the victims of the Tesco robbery should be on the lookout for follow-up phishing emails and vishing phone calls by criminals posing as bank representatives requesting information.
Beware of emails warning you of suspicious activity and asking you for sensitive information or instructing you to click on a link. Security provider Norton says that phishing attacks often use scare tactics, such as warning you that your account could be closed if you don’t respond. Phishing accounts also tend to use generic subject lines and addresses, whereas authentic communications from your bank are likely to be more personalized. Watch out for phone calls requesting information about your identity or account or inviting you to move money to a safe account.
Using ATM Machines Safely
Another place to be on guard is when using an ATM machine. When choosing a PIN number, don’t use information that appears elsewhere in your wallet, such as part of your name or birthday, recommends Wells Fargo. Do not write your PIN number anywhere it might be seen. Cover your PIN number when entering it on a keypad. Keep track of your transaction receipts, store them safely and dispose of them securely. Furthermore, check ATMs to make sure they don’t have skimming devices.
Staying Safe while Shopping
Debit cards don’t provide the same protections as credit cards against liability for unauthorized use, so avoid using debit cards at risky locations, advises Bankrate. These include ATMs, gas stations, restaurants and e-commerce sites. Report lost or stolen cards as soon as possible to limit your liability.