• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

SWC

South West ComputAble ... the trusted name in technology

  • News
  • About Us
    • What We Do
    • Where We Stand
    • Our Team
    • What Our Clients Say
    • Jobs with Us
  • Products
    • Apple Models and Prices
    • Apple
    • Windows
    • Accessories
  • Services
    • Repairs and Upgrades
    • Wireless Solutions
    • Preventive Maintenance
    • Emsisoft Anti-Malware
    • Consulting
    • Equipment Hire
  • Internet
    • Internet Services
    • Office 365 & Exchange Online
    • Domains & Hosting
    • Websites
  • Contact
  • Remote Support

8 Critical Safety Tips for Safer Online Banking

There are some inherent risks associated with using any online service, but nowhere are the stakes higher than in the world of Internet banking. Make a simple security slip up and there’s a chance that the wrong person could get their hands on your login details – or worse, your transaction authentication number (TAN) – and potentially empty your account from anywhere in the world.

Read on to get more insight into how Internet banking attacks work and what you can do to keep your hard-earned dollars safe.

How do Internet banking attacks work?

Criminals typically carry out Internet banking attacks by stealing your login credentials and using them to withdraw your funds or make online purchases. The exact method of attack can vary, but usually involves the use of social engineering or malicious software (or some combination thereof). Here are some of the most common types of online banking attacks:

Phishing

Phishing remains one of the most common attack vectors. With this type of threat, attackers send out bogus emails that resemble secure messages from legitimate banks. The email usually includes a link to a spoof website that looks more or less indistinguishable from the real deal. When you enter your login details on the site, you’re inadvertently sending your most confidential login credentials directly into the hands of the bad guys. Alternatively, the email may include an attachment that appears to be an important document. When opened, the attachment installs malicious software on your system.

Man-in-the-middle attacks

“Man-in-the-middle” (aka MITM) means that the communication between two partners has been intercepted. This makes it possible for cybercriminals who can successfully impersonate each endpoint (in this case, you and your bank) to not only eavesdrop on your communications but also manipulate the conversation for their own nefarious purposes. For instance, you might think that you’re communicating directly with your bank over a private connection, but the messages are actually being sent and received by the attacker. In the case of “man in the browser” attacks, the attack is performed directly in your browser. In this scenario, SSL encryption, which is designed to protect you from conventional “man in the middle” attacks, is ineffective.

Malware

Malware designed to steal banking credentials, such as bankers and infostealers, usually inject themselves into running browser processes and thus gains full control. This means that banking malware not only knows which websites you open and exactly what you are doing on these sites – including all user details and passwords that you type in – but is also able to manipulate the website displayed, without your knowledge.

This is particularly harmful to you as a victim if transfers you make are manipulated and redirected to other accounts. Even existing forms on bank websites can be subtly modified so that more than one TAN can be requested. These TANs and the copied login details enable the criminals to gain full control of your account. Some infamous examples of banking malware include:

  • Zeus: a trojan that recruits infected machines into an enormous botnet, and uses website monitoring and keylogging to steal banking credentials.
  • Qakbot: created by hacker collective Mealybug, Qakbot incorporates worm characteristics to spread and is designed to collect banking credentials.
  • Ramnit: a file infector that spreads mostly through removable drives. It collects a variety of login details, including those belonging to online banking.

How to protect your bank account

1. Be wary of your emails

Phishing is such an effective attack vector because it exploits natural human weaknesses. Combat phishing by staying hyper-vigilant when checking your emails. Be wary of any links included in your emails, avoid opening attachments unless absolutely necessary, and remember that a legitimate bank will never ask for your complete password, TAN, PIN or other credentials.

2. Use two-factor authentication (2FA)

2FA provides an extra layer of security by requiring you to input a unique code in addition to your regular username and password. Many banks these days offer 2FA in the form of a small device, which generates a new code that you need to enter every time you log in. Be aware that text messaging 2FA is not a foolproof solution and can be hijacked relatively easily.

3. Keep your software up to date

Many attacks rely on exploiting security flaws in a piece of software. To fix these vulnerabilities, developers release updates that bolster the security of their application. Minimise the risk of becoming a victim of a banking attack by always keeping your software up to date and enabling automatic updates where possible.

4. Don’t enter sensitive information while on public Wi-Fi

Public Wi-Fi has become increasingly accessible in recent years, but that doesn’t mean it should be trusted. Many public Wi-Fi networks are unencrypted and unsecured, and those who connect to them are easy prey for man-in-the-middle attacks. In addition, there’s little way of knowing if you’re actually connecting to a rogue hotspot (a free public network established by an attacker to gain access to your personal information). Never input your banking credentials on public Wi-Fi; instead, wait until you get home to your private network, use your cellular data network, or invest in a VPN service.

5. Enable account notifications

Many banks give you the option to enable notifications that will alert you when certain activities take place on your account. For instance, you could set this up to receive a text if a certain amount of money is withdrawn or the funds in your account reach a specified threshold. Account notifications won’t actively prevent banking attacks, but they can help you quickly detect suspicious activity and give you a headstart on stopping the attack.

6. Choose a good password

Attackers don’t always steal your banking password – sometimes they guess it. You can reduce the risk of brute force attacks, dictionary attacks, and simple guess attacks by choosing a long, unique and random password. Check out our previous blog post for more information on creating and storing good passwords.

7. Be mindful of mobile attacks

It’s important to remember that mobile devices are not immune to malware and other types of banking attacks. With this in mind, always use your bank’s mobile app, as apps tend to be more secure than mobile browsers. Mobile devices are also more susceptible to theft than PCs, so be sure to secure your device with a password, PIN or fingerprint to make it more difficult for thieves to access your data. For the ultimate layer of security, consider investing in proven mobile security software.

8. Invest in reliable anti-malware software

Last but not least, one of the most effective ways of protecting your bank account from digital attacks is to invest in reliable antivirus and anti-malware software. A good product will be able to identify potential threats and stop them long before they can make any changes to your system that could endanger your banking credentials and other sensitive information. For a lightweight solution that provides a high level of protection against both known and unknown threats, feel free to contact us at South West ComputAble to talk about Emsisoft Anti-Malware.

Filed Under: Uncategorized

Welcome to South West ComputAble!

South West ComputAble is the premium trusted supplier of technical support, hardware, software and computer services, to business, education, primary industries and homes throughout the region since 1994.

We provide the highest standards of professional, experienced, friendly, local sales, service and support for all your IT needs.

We offer Windows and Apple solutions.

News

  • Five tips for keeping passwords safe
  • Access invoices on Mac Mail
  • Tax time 2021
  • Tech boss steps down after 27 years of local trade
  • Protecting Yourself From Malware Infections in 2021
  • We’re Hiring – Have You Got What It Takes?

Please Contact Us:

South West ComputAble
54A Bussell Highway,
Cowaramup
WA 6284
08 9755 5406

Contact
Opening Hours

Monday

8:30 am – 5:00 pm
Tuesday

8:30 am – 5:00 pm
Wednesday

8:30 am – 5:00 pm
Thursday

8:30 am – 5:00 pm
Friday

8:30 am – 5:00 pm
Saturday

Closed
Sunday

Closed


We love it when people take time to tell us they're happy!

Click here to see a selection of what our wonderful clients think of our service ...

Find Us

Get Directions

Legals

  • Privacy Statement
  • Terms and Conditions

Recent Posts

  • Five tips for keeping passwords safe
  • Access invoices on Mac Mail
  • Tax time 2021
  • Tech boss steps down after 27 years of local trade
  • Protecting Yourself From Malware Infections in 2021

Archives

  • 2022
    • May 2022
    • March 2022
  • 2021
    • May 2021
    • March 2021
    • January 2021
  • 2020
    • October 2020
    • March 2020
    • January 2020
  • 2019
    • December 2019
    • June 2019
    • February 2019
  • 2018
    • September 2018
  • 2017
    • November 2017
    • October 2017
    • May 2017
    • April 2017
    • March 2017
  • 2016
    • December 2016
    • November 2016
    • April 2016
    • February 2016
  • 2015
    • February 2015
  • 2014
    • December 2014
    • November 2014
    • June 2014
  • 2013
    • December 2013
    • October 2013
    • July 2013
    • January 2013
  • 2012
    • November 2012
    • August 2012
    • January 2012
  • 2011
    • December 2011
    • November 2011
    • October 2011
    • September 2011
    • June 2011
    • March 2011

© 2025 · SWC | South West ComputAble · Built by Aguawebs