Banking has changed, but criminals haven’t
This year marks a decade since the financial crisis. The biggest financial institutions still dominate the landscape, but banking has changed. Mobile banking now plays a significant role in how we manage our money.
A 2016 survey by the Federal Reserve found that more than half of smartphone users with bank accounts used their devices to access their money. What hasn’t changed? Con artists. In 2008, identity theft was the top complaint logged by the Federal Trade Commission. Today, the number is 20 percent higher. Many of today’s breaches involve mobile devices.
How hackers work
❚ Phishing: Hackers use websites, emails or other means to trick customers into submitting personal info.
“Ten years ago, phishing was rudimentary. Fake sites were not authentic looking. There were a lot of typos,” says Adam Levin, founder of Cyberscout, an Arizona-based cybersecurity company. “Criminals have gotten much more sophisticated, and the sites look real.”
The nonprofit Anti-Phishing Working Group says phishing attacks rose
5,700 percent over 12 years ending in
2016.
❚ Keylogger software: These programs may install on phones via unsecured apps, often ones that are not from your device’s approved app store. The software records keystrokes, such as a bank password, and sends what was typed to the hacker.
How to protect your accounts
Make sure your bank provides:
❚ Two-factor authentication: When you log on to your bank’s web page, it will contact you through another means — a text, for example — to confirm the login request.
❚ Transaction alerts: These are texts or emails your bank sends to your mobile device when large purchases are made on your account or your balance drops below a certain amount.
❚ Fraud monitoring: The bank sends a text asking you to confirm an odd purchase attempt, such as buying an item from a vendor you’ve never used before. Also:
❚ Keep mobile software up to date: Your device provider’s periodic updates can help stop the latest hacker attempts.
❚ Have a rock-solid sign-on: Levin recommends “long and strong passwords” to stymie a smartphone thief.
❚ Be careful with other contacts: Fraudsters may call and say an account has been compromised, then ask for a password or Social Security number to confirm your identity.
“Why would you need to authenticate yourself to someone who contacts you?” Levin says. Hang up and call the bank at a number you’re familiar with.