Several types of electronic fraud specifically target online banking. Some of the more popular
types are described below:
Phishing attacks use fake email messages from an agency or individual pretending to represent
your bank or financial institution. The email asks you to provide sensitive information (name,
password, account number, and so forth) and provides links to a counterfeit web site. If you
follow the link and provide the requested information, intruders can access your personal account
information and finances.
In some cases, pop-up windows can appear in front of a copy of a genuine bank web site. The
real web site address is displayed; however, any information you type directly into the pop-up
will go to unauthorized users. (In a similar scheme, called “Vishing,” a person calls you and pretends to be a bank representative seeking to
verify account information.)
Malware is the term for maliciously crafted software code. Special computer programs now exist that enable intruders to fool you into believing that traditional security is protecting you during online banking transactions. Attacks involving malware are a factor in online financial crime. In fact, it is possible for this type of malicious software to perform the following operations:
Pharming attacks involve the installation of malicious code on your computer; however, they
can take place without any conscious action on your part. In one type of pharming attack, you
open an email, or an email attachment, that installs malicious code on your computer. Later, you
go to a fake web site that closely resembles your bank or financial institution. Any information
you provide during a visit to the fake site is made available to malicious users.
All the attack types listed above share one characteristic; they are created using technology but,
in order to succeed, they need you to provide information:
When it comes to online banking, there is no way to absolutely guarantee your safety. However,
good practices do exist that can reduce the risks posed to your online accounts. The following
sections describe these practices.
Be sure to change your PIN regularly. Do not choose a PIN that contains personal information
such as your birthday or Social Security number; an attacker might be able to guess these.
Regardless of the circumstances, never give someone access to your current PIN number (see
“Choosing and Protecting Passwords” for more information).
Install anti-virus, firewall, and anti-spyware programs on your computer and keep them up to date.
You should turn on automatic updates for these programs or, if prompted,
always agree to download system updates as soon as they are available.
Timing is a factor in your response to unauthorized electronic fund transactions. If you receive a
paper account balance, make sure that you reconcile it with your online balance.
You should conduct online bank transactions in locations that are not subject to public monitoring. When you are entering login information, you should avoid using unsecured or public network connections (for example, at a coffee shop or library). As a general rule, you should avoid using any computer that other people can freely access; the end result could be unauthorized access of your financial information. Remember, it is possible for your account information to be stored in the web browser’s temporary memory.
You should not reply to any email requests for security information, warnings of an account suspension, opportunities to make easy money, overseas requests for financial assistance, and so forth. Also, links found in these suspicious emails should not be clicked. Forward a copy of the suspicious email to the Federal Trade Commission at uce@ftc.com and then delete the email from your mailbox.
Online banking involves certain risks. It is important to educate yourself about these risks, how unauthorized access to your financial information occurs, and the steps you can take to protect your financial information. Learning about your rights and responsibilities as an online banking consumer can make a difference to your financial well-being.