I’ve banked online for years. First, my brick-and-mortar bank went online. Then I opened several accounts with online banks that don’t have branches. My guess is you bank online, too.

According to Statista, as of 2020, as many as 1.9 billion individuals worldwide actively used online banking services with that number forecasted to reach 2.5 billion by 2024. In the United States, more than 65% of Internet users accessed bank websites.

Bank Hacking

With its increased usage, however, online banking is becoming an increasingly attractive target for hackers. In fact, over the recent years, major banks have been the prime targets of hacking attacks. Citigroup revealed that in 2011 more than 360,000 accounts were compromised in a hacking attack that left 3,400 accounts suffering losses of up to $2.7 million.

In September 2012, Iranian hackers were reportedly targeting Citigroup, Bank of America and JP Morgan Chase. When the hacks were finally reported, we learned that the attacks had been going on for close to a year even though customers have been complaining about how difficult it was to access their accounts.

More recently, McAfee Labs reported that hackers are planning to take millions from customers of major banks starting in the spring of 2013. The plan has been called Project Blitzkrieg.

And more recently, our phones are being used by hackers to access our bank accounts.

All of these highly publicized attacks raise a lot of concerns for me, not the least of which is the safety and security of our online banking transactions. Should you pay your bills online? Should you check your balance from your bank’s website? Or should you transfer funds online?

For me, the answer is yes. Here’s why.

Related: What Happens if Your Bank App is Hacked

Online banking is safe for consumers

Banking websites are hit by hacking attacks every single day. While that may be unsettling to hear, there is a silver lining. As a result of these attacks, banks continually improve their systems to effectively deal with such attacks.

In addition, even if hackers are able to steal money from your account, you will likely be protected. If you safeguarded your personal information and reported the loss immediately, the bank is likely to reimburse your account, according to Bankrate. According to the same source, federal law provides that banks must reimburse stolen funds if reported within 60 days.

Take note that this does not apply to institutional depositors. So, if your bank account is under your business name, then you are not covered by this protection.

This does not mean, however, that you should just be complacent. Online banking is safe, but you should also exercise caution when banking online. There are best practices that you should observe when you use any online banking service.

First, though, you should understand the risks of online banking.

Online Banking Risks

There are four main types of attacks that are prevalent when you use online banking services.

1. Phishing

Having an online banking account, you might fall victim to phishing. This tactic generally involves tricking somebody into clicking a link in an email message. The link often downloads software to a computer that can be used to gather sensitive information such as usernames and passwords.

Alternatively, the link may take a user to what looks like a legitimate website. Once there, the website asks for confidential information that can be used by hackers to gain access to other accounts, such as email.

2. Identity Theft

Even if hackers do not steal from your account, you can still have your account details compromised in the case of an identity theft. This includes your personal information, such as your social security number and other identifying data. These data could be used to hack into your other accounts.

Identity theft can occur in a variety of ways. Online your social security number and other confidential information can be compromised. As noted above, a phishing attack is a common method used by thieves.

Learn More: Best Identity Theft Protection Services

Offline, however, your identity can be compromised, too. Whether it’s digging through trash or stealing your wallet, thieves have several ways to access confidential information.

Related: LifeLock Review – How to Protect Your Identity?

3. Keylogging

If you access your online banking site on public networks, such as Internet cafes or public Wi-Fi, there is a chance that you could fall prey to keylogging. Keylogging involves a software recording your keystrokes and using these logs to get your account details. Keylogging may also be carried out using video cameras that record your keystrokes.

4. Pharming

This might be a little more difficult for hackers to carry out, but it does happen. Pharming occurs when hackers are able to hijack a bank’s URL so that when you try to access your bank’s website, you get redirected to a bogus site that looks like the real thing.

What to Do

So how do you deal with all these risks? The Federal Deposit Insurance Corporation sets forth the things that every online banking customer should do. These steps should ensure that you have adequate protection from falling victim to these hacking tactics.

1. Confirm your online bank’s legitimacy

You should be able to know if your online bank is legitimate by reading the information found on the site and whether or not it is insured with the FDIC. The FDIC has a tool that lets you search for banks, which you can access here.

2. Be very careful with copycat Web sites

Be sure that you do not fall prey to sites that use a name that is very similar to your online bank. For example, BankofAnerica.com or Citigrop.com.

When you receive an e-mail purporting to be from your bank, don’t click any links in the email. Instead, type in the url of your bank and login. If your bank is really trying to contact you, you’ll likely find a message when you access your account. Alternatively, call the number on the bank of your debit card or latest bank statement.

3. Learn more about your bank’s security system

You should know how your bank encrypts your private information. When you are accessing the Web site, you should find a small “lock” or “key” icon to tell you that the site and your transactions are secure.

You should be able to use PINs and passwords when you access your account online. Lastly, do not send personal information over e-mail. Under no circumstances would your bank ask for personal data over e-mail.

4. Protect your computer

Hacking attacks are not always directed at banks. Because many such attacks are directed at customers, you will do well if you have the latest virus and malware scanning software installed on your computer. You should also ensure that all the software you use on your computer has been patched with the latest security updates.

In addition to this, you should not get lazy when it comes to online banking. Some banking Web sites have an option that offers to “remember your computer.” Choosing this option would allow you to bypass some security questions if the bank’s system recognizes your IP address. The problem is that hackers can spoof your IP address and make your bank think that the hacker’s computer is really yours.

In short, do not enable this feature. Yes, you will end up answering more security questions, but it is also more secure.

5. Consider Getting a VPN

You’ve been hacked.

Your personal information is at risk. Hackers are targeting your data and stealing it from under your nose without you even knowing about it. It’s time to take back control of your privacy with a VPN.

A VPN gives you an extra layer of privacy and security when you’re browsing (and shopping) online. Both ExpressVPN and NordVPN give you everything you need to browse anonymously without having to worry about anyone else finding out where you’ve been. For only a few dollars a month, you gain peace of mind when shopping online during the holiday season (as well as every other time of the year).

As in everything you do, take everything with a grain of salt. Do not click links on e-mails, do not talk to strangers, do not download anything from people you do not trust, and look both ways before crossing the street.

Let’s be careful out there.


  • Rob Berger

    Rob Berger is the founder of Dough Roller and the Dough Roller Money Podcast. A former securities law attorney and Forbes deputy editor, Rob is the author of the book Retire Before Mom and Dad. He educates independent investors on his YouTube channel and at RobBerger.com.

    View all posts