Authored by: Dean Coclin, Senior Director of Business Development at DigiCert
Mobile and online banking have been on the rise in recent years. In Singapore, it’s been seen that physical branches and ATM footprints are rapidly being supplanted by digital distribution and service delivery, according to the Singapore Business Review
Plus, amid current social distancing standards, many banks are urging customers to take advantage of online banking services. But the higher usage of online services also increases the risk of cybercrimes.
If you’re looking to keep your online banking secure, here are a few tips.
Avoid using public WiFi
Avoid using public WiFi for banking so that you can avoid being compromised from man-in-the-middle attacks, or “lurkers,” who may be scanning the WiFi network. You can also disable the automatic connection feature and, if on a laptop, make sure file sharing is turned off.
Check for TLS/SSL encryption on the sites you visit
Banks typically use the highest form of TLS assurance to authenticate their websites as the real deal and not an imposter. Verify the authenticity of your bank’s website by clicking on the padlock and “Certificate Information” to review the bank’s information.
Use VPN where possible
If you do have to use public WiFi, consider using a VPN, which can add a layer of security and privacy by protecting against man-in-the-middle attacks. However, not every VPN is safe. Before implementing a VPN solution, check ratings from security publications and consider investing in paid and reputable services rather than a free VPN.
Maintain strong passwords
It is wise to maintain a strong password, but you especially want to consider this while spending more time online from home. You may consider using a password manager to centralize your passwords. Additionally, enabling automatic logout after a certain period of time can protect your accounts.
Use multi-factor authentication
A majority of banks use one form of multi-factor authentication. Make sure that you opt-in to at least one.
Download your bank’s app
Mobile banking can be just as secure, if not more secure, than online banking. Some apps also offer multifactor authentication or biometrics like fingerprints, face recognition or eye scans. Plus, often on mobile, they don’t store data. So mobile apps may be a more secure choice when on public WiFi. Using an app also avoids the presentation of unfamiliar links, which can be part of phishing attacks.
Check your privacy settings
Next-generation financial applications, such as GrabPay, can pose a critical issue to your private information. Make sure that you have the right settings for your account and avoid disclosing private information, such as transactions, via these apps.
Be careful whom you authorize
Before giving apps or other users access to your accounts, consider how sharing access will affect your account security. Check the security layers a financial app offers before downloading it and giving it access to your accounts. And only give others access to your accounts if completely necessary and you trust them.
Sign up for banking alerts
Your bank can send you email or text notifications for certain activities on your account. If your accounts show unusual activity, these alerts allow you to secure them as quickly as possible.
Examples of banking alerts include
transactions above a certain amount,
failed login attempts,
password or information changes, and
Hackers will often send through a small transaction or two to see if they get noticed before making bigger and bigger purchases, so these alerts can prevent fraud on your accounts from escalating.
Monitor bank statements
On top of alerts, you may also want to monitor your bank statement regularly. Some transactions may appear to be from you and your bank will not alert you, so it is your responsibility to monitor your statements.
Beware phishing scams
When you receive a bank or financial institution email, read carefully to make sure they are the real deal. At first glance it may seem like your bank asking you to login, but if you know common signs of phishing you can more likely identify and avoid scams.
Scammers may also call you and claim to be a representative of the bank. If you’re unsure, hang up and call the bank directly.
If you suspect a scam, report it by contacting your government regulatory authority, such as the ScamAlert website by the National Crime Prevention Council (NCPC) or their hotline.