Received Poor Customer Service? How To Complain Effectively
Citigroup Increases Number of Breach Victims To 360 Thousand

Tips For Safe Online Banking

You've just purchased a new, shiny mobile device or smart phone and have decided to use it for online banking. You've heard that some people have had data security problems, so you want to bank online safely with confidence. What should you do?

Caution: one article isn't going to tell you everything you need to know. Why? First, technology changes quickly. When new tools become available, that may change what you do to protect yourself online. Second, the steps you take to bank online safely will vary by the brand or type of mobile device you use and the apps available for that device. During the coming weeks, I will use this blog to highlight relevant articles about mobile banking.

To start, there is a pretty good article at Infosec Island with tips for safe online banking:

"1. Never accept incoming communications purporting to be from financial institutions you do business with, whether by email or phone call."

I agree. It is simply too easy today for scam artists to create fake or phishing websites and e-mail messages. Smart consumers have learned how to recognize phishing e-mail messages and the variety of phishing attacks. If you are unsure about a message, contact your financial institution via their toll-free number.

"2. Update your security software on your computer."

I have written repeated blog posts reminding consumers to keep the anti-virus software on your home computer both current and active. That means you should also activate the anti-phishing features, too. This cannot be over-emphasized. If you think that the anti-virus software you current use is lacking, sites like Cnet and Consumer Reports rate the various anti-malware software products. Given the new smart phones and mobile devices (e.g., tablet computers), it is also important to:

"3. Check the security of your mobile device and your mobile banking apps."

I agree with Infosec Island that identity thieves and scam artists will follow the technology. As more and more consumers buy smart phones, an increasing number of phishing attacks will target those devices. Note:

"Andrew Hoog, chief investigative officer of viaForensics, a digital forensics and security company, found three unencrypted (i.e., less secure) passwords in apps for Foursquare, LinkedIn and Netflix on the Android in a recent round of app security testing. Citibank received a "pass" rating for its app..."

That means, consumer must do their research first. Don't blindly install the app with out researching it beforehand. Check your bank's website for a complete description of its online banking app. Or, check the website that provides apps for your mobile device. The app description should:

  • Fully describe how the apps works, including any limitations
  • Display any terms of use and privacy policies
  • Display screen images of the app so you can preview it
  • Share comments and ratings by existing app users

I like to research an app at one of the reputable technology websites, like CNet. Search the Cnet site by entering the name of the app if you know it, or the "mobile banking apps" keywords. You might also check for resources. Depending upon the brand of mobile device, you might try MacWorld or PC World. If the online banking app does not encrypt your sign-in credentials (e.g., user ID and password) or doesn't provide a privacy policy, then don't download and install the app.

"5. Use strong passwords and don't reuse your bank password elsewhere."

Today, consumers must know how to create strong passwords. Since we consumers have registered at so many websites, it is tempting to reuse the same passwords. Don't do this. Some more don'ts:

  • Don't use the same password at both your banking and social networking websites
  • Don't use a password that is an item in your social media profile. For example, if you've mentioned your pet's name in your Facebook profile don't use that name as a password anywhere online. Similarly, don't use your favorite color, TV show, or sports team as your password
  • See this list of passwords you shouldn't use

You can read the rest of the tips list at the Infosec Island blog.


Feed You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.