The way we bank has changed enormously over the last decade. Given that since 2010 over 6,000 bank branches have closed its no surprise that online banking has become unavoidable for most. And, in fairness to online banking many, including myself, find it quick, efficient and very useful. However, as we tour round the country giving fraud awareness presentations the question that we are asked every time is, “is online banking safe?”, similarly we field calls from members every week concerned about online banking. In this guide we are going to talk about which banks have the best online service security, what the main risks are and how to avoid being caught out.
Best Banks for Online Banking Security
Which? Rated the biggest UK banks in July of this year using the following criteria:
- Security of login
- Strength of encryption
- Security of “making changes” such as payees
- Security of logout and navigation
The results can be viewed above.
It’s disappointing to see 2 of the largest 4 banks, Nat West and Santander scoring so badly and a reminder to all of us to be vigilant when we’re using online banking services. One of the key reasons for this was their lack of use of 2FA, (2 Factor Authentication), which combines something you know such as your password or PIN with something you have such as a text message or a code from a card reader. As noted in the article about SCA, (Strong Customer Authentication) all the banks will be changing this over the next 18 months. As with all online accounts whenever you have the option to turn-on 2FA always do as it massively improves your security.
What are the main risks?
The number one risk to online banking comes from using a PC or mobile which has been “compromised”. By compromised we mean that fraudsters have either been able to install malware which records your credentials and sends the details to them.
Compromised Login Details
The second greatest risk is from fraudsters getting their hands on your password and login details. This normally happens from “phishing” where fraudsters email victims with very authentic emails requiring them click on a link and login for something “essential” on their account.
How to Stay Safe
- Don’t Click – on any link in an email, go independently to your account to see if any action is required
- Download? – Be very careful what you download, and from where. iPhone users should only use the App Store and Android users should only use Google Play. Other downloads may look fine but can have horrible malware embedded
- Stay protected – from malware by having up to date anti-virus software installed. Please see the Reassura Guide for more details
- Strong Password – please read the Reassura Guide to Strong Passwords
- Dear customer? – Most scam emails are not addressed personally, so avoid any emails or texts which do not address you by name. However, it should be noted that increasingly fraudsters have through data breaches the ability to personalize emails so do not solely rely on this tactic
- From who? – Who does it actually come from, click on the sender to check, its not fool proof but it catches a lot
- Personal means private! – Do not divulge personal details unless you are certain who you are sharing it with, and certainly not PIN numbers!
- Report spam emails – Your email inbox will have a spam button, this is one of the main ways Outlook, Gmail etc. machine learn on how to block spammers
- Report spam texts – by texting CALL to 7726 and they will respond with some questions for details
- Check your bank account – Regularly check your accounts to make sure there are no rogue transactions
- Still Unsure? – Join Reassura 0800 888 6400 and one of our fraud advisor’s will help you to stay safe
If you think that you might have been a victim of Online Banking Fraud