With social distancing and lockdown measures in place, online banking is the new normal, but our cybersecurity hygiene needs tightening.

Mobile and online banking have been on the rise in recent years. Physical banking branches and automated teller machine footprints are rapidly being supplanted by digital distribution and service delivery.

Plus, amid current social distancing standards, many banks are urging customers to take advantage of online banking services. But the higher usage of online services also increases the risk of cybercrimes.

If you are looking to keep your online banking secure, here are a few tips.

  1. Avoid using public wi-fi
    Using public wi-fi for banking can lead to man-in-the-middle attacks, or “lurkers,” who may be scanning the public network. Set the automatic wi-fi connection to ignore public w-fi, and, if on a laptop, make sure file sharing is turned off.
  2. Check for TLS/SSL encryption on the sites you visit
    Banks typically use the highest form of TLS assurance to authenticate their websites as the real deal and not some spurious website by an imposter. Verify the authenticity of your bank’s website by clicking on the padlock and “Certificate Information” to review the bank’s information.
  3. Use VPN where possible
    If you do have to use public wi-fi, consider using a VPN, which can add a layer of security and privacy by protecting against man-in-the-middle attacks. However, not every VPN is safe. Before implementing a VPN solution, check ratings from security publications and consider investing in paid and reputable services rather than a free VPN.
  4. Maintain strong passwords
    It is wise to maintain strong passwords, but you especially want to consider this while spending more time online from home. You may consider using a password manager to centralize storage of your strong passwords and passphrases. Additionally, enabling automatic logout after a certain period of time can protect your accounts.
  5. Use multi-factor authentication
    A majority of banks use one form of multi-factor authentication. Make sure that you opt-in to at least one.
  6. Download your bank’s app
    Mobile banking can be just as secure, if not more secure, than desktop-based online banking. Some apps also offer multifactor authentication or biometrics like fingerprints, face recognition or eye scans. Plus, often on mobile, they do not store data. So mobile apps may be a more secure choice when on public wi-fi. Using an app also avoids the presentation of unfamiliar links, which can be part of phishing attacks.
  7. Check your privacy settings
    Next-generation financial applications can pose a critical threat to your private information. Make sure that you have the right settings for your account and avoid disclosing private information, such as transactions, via these apps.
  8. Be careful whom you authorize
    Before giving apps or other users access to your accounts, consider how sharing access will affect your account security. Check the security layers offered by a financial app before downloading it and giving it access to your accounts. And only give others access to your accounts if completely necessary and you trust them.
  9. Sign up for banking alerts
    Your bank can send you email or text notifications for certain activities on your account. If your accounts show unusual activity, these alerts allow you to secure them as quickly as possible.

    Examples of banking alerts include transactions above a certain amount, failed login attempts, password or information changes, and foreign transactions.

    Hackers will often send through a small transaction or two to see if they get noticed before making bigger and bigger purchases, so these alerts can prevent fraud on your accounts from escalating.
  10. Monitor bank statements
    On top of alerts, you may also want to monitor your bank statement regularly. Some transactions may appear to be from you and your bank will not alert you, so it is your responsibility to monitor your statements.
  11. Beware of phishing scams
    When you receive a bank or financial institution email, read carefully to make sure they are the real deal. At first glance it may seem like your bank asking you to login, but if you know common signs of phishing you can more likely identify and avoid scams.

    Scammers may also call you and claim to be a representative of the bank. If you are unsure, hang up and call the bank directly.

If you suspect a scam, report it by contacting your government regulatory authority or their hotline.