One of the latest threats is the Chthonic Trojan, which adds rogue forms to your banking website in the hope you’ll fill them in and share your security information. The Trojan can also steal passwords stored on your computer and log keystrokes. That information is collected by the criminals who use it to log into your account and empty it.
What do our banks do to protect us?
- Banks spend millions on computer security. It’s a necessary cost for them because they’re required to refund customers who have been defrauded through no fault of their own.
- Banks use Secure Socket Layer (SSL) encryption, which gives an added layer of protection when you sign into online services or do anything else in which your personal information could be intercepted.
- Banks will often insist that passwords have a minimum length, use both lower and uppercase letters and have a number in them.
- Your information is encrypted. That means all information leaving your computer and going to the bank is scrambled. Encrypted bank websites have some type of closed lock symbol on them at one corner. The web address will also begin with https://. The “s” stands for secured. It’s a good idea to check for this “s” this each time you log on because “man in the browser” attacks can redirect users unknowingly to a fake website starting with http://.
- Our banks work with companies such as PhishLabs to have fake sites taken down as soon as possible.
- You’re locked out of online banking if you get your password wrong more than a few times.
- All banks use firewalls so that only authorised users can get in.
- Some banks use two factor identification. As well as having to input your user name and password you must answer questions that only you should know the answer to. Some banks require you to use a digipass, which is a small device that generates a unique code every time you log in. Without the digipass you can’t get in.
- The bank can recognise your device. The bank’s systems know where you’re logging in from. If your account is logged into from an unusual location this can send alarm bells ringing at the bank.
- Timed logoff. If you walk away from your computer without logging off from online banking you’ll be logged out after a certain amount of inactivity.
The banks can’t always keep ahead of the fraudsters and if you’ve been sensible about looking after passwords and banking security in general you’ll probably be reimbursed. You can complain to the Banking Ombudsman if you’re not reimbursed and your case will be heard by an independent adjudicator.
Finally, Internet banking is a great tool. Just take care when you’re using it.