Five ways to improve your online banking security

Online banking — by computer or by phone — is now as common a way to access your accounts as stopping at an ATM. But it's also become a target for hackers. Here are five steps to take to protect your accounts so you can bank securely online. 

A woman works on her computer at a sidewalk cafe on a spring day on the Upper West Side of Manhattan in New York, N.Y. (May 6, 2015).

Melanie Stetson Freeman/The Christian Science Monitor/File

June 9, 2016

Online banking — by computer or by phone — is now as common a way to access your accounts as stopping at an ATM, with three-quarters of Americans making it a habit, according to the Federal Reserve.

But you know who else loves online banking? Hackers. After all, it’s easier to do what they do from far away than to take someone’s money while standing in line at the teller window.

Banks and credit unions are beefing up their security systems to fight cybercrime: More than 70% of bank technology executives say they’ve increased their annual budgets in this area, according to an American Banker survey. But consumers also have a role to play.

Tracing fentanyl’s path into the US starts at this port. It doesn’t end there.

Here are five steps to take to protect your accounts so you can bank securely online.

1. Ask for two-factor authentication

When you log in to a website, you prove who you are by entering a username and a password. That’s one factor. With two-factor authentication, you’re asked to enter another piece of identification, such as a temporary code. The bank would email or text you the code at the time you try to log on, so it’s unlikely someone else could receive it beforehand.

“Two-factor authentication simply requires two forms of verification before a user can log in, and consumers should ask their financial institution if they offer it,” says Matt Cosgriff, a certified financial planner in Minneapolis, Minnesota.

2. Skip public Wi-Fi

You can’t really tell who can see your data if it’s being sent over public Wi-Fi, the kind offered at places like coffee shops and hotel lobbies. Basic Web surfing on these public networks may be OK, but it’s best to do your online banking from the security of a private home network, says Doug Johnson, senior vice president for payments and cybersecurity policy at the American Bankers Association.

If you travel often and need to use mobile banking, consider choosing your mobile provider’s data plan for online access. If you have to use public Wi-Fi, another option is to set up a virtual private network, or VPN, to send and receive encrypted data online. You can do this for a few dollars a month.

Why Florida and almost half of US states are enshrining a right to hunt and fish

When you’re on your bank’s website, verify that the page is secure before you submit any personal information. Check your browser’s address bar to make sure it starts with “https” instead of “http.” “That lets know you have a secure connection,” Johnson says.

3. Set up reminders to change your password

When you open an account and sign up for online banking, you’re probably asked to create a strong password. That’s good advice. In addition, it’s a good idea to set up reminders on your task list or calendar to change to another strong password every few months so that it doesn’t become stale and guessable.

Along these lines, avoid having the same password for all your online accounts. You may not care if someone hacked into that social media account you no longer use, but what if that person could then use it to get into your checking and savings accounts? Keep your passwords distinct and varied.

4. Be wary of ‘official-looking’ notices

Some scammers send emails that claim to be from a bank, asking you to click on a link to settle some issue with your account. These emails might have the right logos and language, but Johnson says it could be a phishing effort to get you to give up your username, password, Social Security number or other sensitive data. “Phishing attempts are becoming increasingly sophisticated,” he says.

If you receive an email that is even a little suspicious, don’t click any links in the message. Remember that you can always sign in to your account by opening a new web browser session and typing in your bank’s web address. You could also call your bank at a number you trust.

5. Ask your bank how it’s keeping your records secure

Take a look at your bank’s website, or contact customer service, to learn about any encryption technology it uses, whether it monitors accounts for fraudulent activity and if it limits your liability for unauthorized transactions. “Find out what your bank’s doing to protect you,” Cosgriff says. If you’re not satisfied with the answer, consider switching to a bank where you will be.

Online banking is convenient, but you want your financial information to stay secure. Taking steps to protect your accounts is a vital part of managing your personal finances.

Margarette Burnette is a staff writer at NerdWallet, a personal finance website. Email: mburnette@nerdwallet.com. Twitter: @margarette. This article first appeared at NerdWallet.