4th October 2018
Cybersecurity Practice Director Luke Potter provides some expert guidance on keeping your bank details safe
Following SureCloud’s recent feature as part of the BBC’s Rip Off Britain program, I wanted to share some tips we can all use to keep our personal information, and our cash, out of the hands of criminals with SureCloud’s data privacy solutions.
It is surprisingly easy for fraudsters to convincingly pose as a representative from your bank, either on the phone or by crafting a plausible-looking email. The following steps won’t take up your time or money, and can stop you from giving away your account details – and potentially, your savings.
Most banks have great security solutions on offer, but they aren’t always activated automatically. For example, if your bank’s app or online service offers 2-factor-authentication (2FA), make sure to use it. With 2FA, even if someone got hold of your username and password, they wouldn’t be able to access your full account. It adds an extra step when you log on, like providing a fingerprint or a code sent to your mobile phone.
If your bank gives you the option to activate ‘push’ notifications instead of communicating with SMS, it’s well worth selecting that option. SMS is now a relatively old and insecure technology that’s easy for criminals to spoof, whereas push notifications are much harder to hack.
To avoid passing your details to criminals, the safest thing to do is to never give away your login or account details to anyone claiming to be from your bank if you are asked to do so over the phone, via text message or email in a conversation that you have not initiated.
This is something that we all hear regularly (and are probably bored of hearing), but it’s so often ignored. If all of your passwords are variations on the same theme, you may be putting your accounts at a cyber security risk. If a hacker manages to obtain one password, it makes it easier for them to guess other passwords too.
The most secure passwords are unique, chosen at random, and use a combination of lower-case and upper-case letters with numbers and special characters. It can be difficult to choose a strong password, and even more difficult to remember scores of unique codes – a password manager product can be a great help here.
Phishing and “SMShing” attacks appear 100% genuine, using the way the bank communicates with customers to convince victims of their authenticity. If you ever want to check if a communication is genuinely from your bank, contact them directly using your banking app, their main phone number or website.
The importance of keeping your web browser, operating system, and devices up to date cannot be understated. Older versions of software can contain vulnerabilities that criminals know how to exploit, so it’s important to make sure that you’re using the latest versions of any software or hardware you use to access your bank account. Replacing old PCs, smartphones and tablets is a small price to pay for protection against criminals.
These steps are simple to achieve, and while they are the absolute basics, getting them right will put you ahead of the majority of online banking customers. When it comes to staying ahead of cyber-security attackers, you don’t have to be more advanced than the criminals. It’s like being chased by a tiger – if you stay one step ahead of the person next to you, the chances are you won’t get caught out.
Learn about our Cybersecurity Services here to keep your organization secure.
About Luke Potter:
Luke oversees SureCloud Cybersecurity Solutions. He also manages our Secure Private Cloud. Luke is a recognized cybersecurity expert. He is a CHECK team leader, Tiger Scheme senior security tester, ISO 27001 lead auditor and Microsoft Certified enterprise administrator. Previously, Luke managed the IT team at a large UK insurance brokerage.