Banking Has Changed, But Criminals Haven’t — Here’s How To Protect Your Money

This year marks a decade since the global financial crisis. Although the biggest financial institutions still dominate the landscape, banking has undergone some changes. The proliferation of smartphones means mobile banking now plays a significant role in how we manage our money. A 2016 Fed survey found that over half of smartphone users with bank accounts used their devices to access their money.

What hasn’t changed since 2008? Con artists.

» 10 years after the Great Recession: Tips and advice to prepare for bad times and to prosper — any time

Ten years ago, identity theft was the No. 1 complaint logged by the Federal Trade Commission. Today, the number of complaints is 20% higher than in 2008. The research-based advisory firm Javelin Strategy & Research identified a record high of nearly 17 million victims of identity fraud last year. And many of today’s fraud and identity theft breaches involve mobile devices. The rise of mobile banking in the past decade means it’s easier and more convenient to keep up with your bank accounts, but it could also make it easier to be scammed.

Financial institutions invest in technology and cybersecurity expertise to fight back, but your bank or credit union needs your help. Here are ways hackers try to access your bank information and how you can avoid swiping your money into a criminal’s trap.

How hackers work

Phishing. This happens when hackers use websites, emails or other means of contact to trick customers into submitting personal information. The practice isn’t new, but it has gotten more sophisticated.

“Ten years ago, phishing was rudimentary. Fake sites were not authentic looking. There were a lot of typos,” says Adam Levin, founder of Cyberscout, a Scottsdale, Arizona-based cybersecurity company. “Now, the criminals have gotten much more sophisticated and the sites look real.”

According to the not-for-profit Anti-Phishing Working Group, phishing attacks increased by a whopping 5,700% over the 12 years ended in 2016, and the latest data suggest attacks continue to increase.

Keylogger software. These programs may install on phones via apps that aren’t secure, such as one that’s not from your device’s approved app store. The software records keystrokes, such as when you enter a bank username or password on a website, then sends a record of what was typed to the hacker.

How to protect your accounts

Ask your bank or credit union about security. The safest banks for consumers use the latest cybersecurity protocols to protect your accounts from breaches and large-scale identity theft. “You’ll want to make sure your bank is up to par,” Levin says. If not, it may be time to switch to another institution. Make sure your bank provides the following — and use these services:

  • Two-factor authentication.When you attempt to log on to your bank’s secure online webpage, the bank or credit union will contact you through some other means — by sending a text, for example — to ask you to confirm the login request. Not every bank has two-factor authentication. But if you choose one that does, your accounts have an extra layer of protection, says Neal Stern, CPA and member of the American Institute of CPAs’ National Financial Literacy Commission.
  • Transaction alerts.Sign up for these alerts, which are generally text or email messages your bank sends to your mobile device when large purchases are made on your account or if your balance drops below a certain amount. (For a deeper look at transaction alerts, here are five mobile banking alerts that help fight fraud.)
  • Fraud monitoring.Many banks monitor transactions to detect unusual spending patterns. The bank might send you a confirmation text if it detects an odd purchase attempt, such as an online purchase worth thousands of dollars from a vendor you’ve never used before. You would have to reply before approval of the transaction.

Keep mobile device software up to date. Your device provider likely sends periodic updates. Some of them may help stop the latest hacker attempts, so it’s important to install updates.

Have a rock solid sign-on. When it comes to logging on to your bank’s website, use “long and strong passwords” that are hard to guess, Levin says. That way, even if you lose your phone, the next person who picks it up won’t be able to figure out how to log in to your bank accounts. In addition, lock your mobile device screen and use a different password to unlock it. (Read more about how to create passwords that are hard on others but easy on you.)

Be careful with other contacts. Fraudsters may try to trick a customer by calling and saying an account has been compromised, then asking for sensitive information, such as a password or Social Security number, to confirm their identity.

“Why would you need to authenticate yourself to someone who contacts you?” Levin says. If you’re unsure about whether a call is legit, hang up and try to reach the bank or credit union at a number you’re familiar with.

Today, customers can deposit checks, transfer money between accounts and pay bills from the convenience of their smartphones. But with convenience comes risk. Take steps to eliminate the risk of identity theft by partnering with your financial institution to protect your hard-earned money.

Margarette Burnette is a writer at NerdWallet. Email: mburnette@nerdwallet.com. Twitter: @Margarette. The article Banking Has Changed, but Criminals Haven’t — Here’s How to Protect Your Money originally appeared on NerdWallet.

 

Protect yourself from phishing scams

Today we are warning consumers not to fall victim to phishing scams related to the Target data breach. Phishing attacks use spoofed e-mails and fraudulent websites designed to fool recipients into divulging personal financial data. By hijacking the trusted brands of banks, online retailers and credit card companies, phishers are able to convince recipients to respond to them.

“Industry experts warn that victims of the Target data breach are particularly vulnerable right now to phishing.,” says VCNB  Head of Operations Joe Griffith. “These criminals are capable of sending very legitimate looking e-mails. The most important thing for customers to remember is that we will never ask you for personal information in an e-mail.”

To avoid becoming the victim of a phishing scam, we offer the following tips:

• If you have responded to an email, contact  your  bank  immediately so they can protect your account and your identity.

• Never give out your personal or financial information in response to an unsolicited phone call, fax or email, no matter how official it may seem.

•  Do not respond to email that may warn of dire consequences unless you validate your information immediately.  Contact the company to confirm the email’s validity using a telephone number or Web address you know to be genuine.

•  Check your credit card and bank account statements regularly and look for unauthorized transactions, even small ones.  Some thieves hope small transactions will go unnoticed.  Report discrepancies immediately.

•  When submitting financial information online, look for the padlock or key icon at the bottom of your Internet browser. Most secure Internet addresses, though not all, use “https.”

•  Report suspicious activity to the Internet Crime Complaint Center, a partnership between the FBI and the National White Collar Crime Center.

If you receive suspicious communication from someone claiming to be from VCNB or representing VCNB, please contact customer service immediately. Customer service representatives are available to help you at 1-800-542-5004 or you can chat with a representative from our website at www.vintoncountybank.com.