According to various Internet banking estimates, 21 million people in the UK prefer to use banking online. However, paying bills at post office or chain stores is still popular. Of course, the younger and more educated person, the more likely to use online banking. One exception are entrepreneurs who are constantly looking for ways to cut costs - a few years ago most of them switched to e-banking regardless of age.

It is said that people are mostly afraid of username and password leakage and fake websites. Some banks don’t impose daily transaction limits, making it easier to clear the account after you have lost your credit card. Banks have spent vast sums of money on online security. The problem is that whenever they try to put sophisticated measures in place, the fraudsters respond with even more sophisticated countermeasures trying to their hands on our money.

Fot. Pfala/Lic. CC by

There are two ways thieves use to access online bank accounts. These include phishing and password theft. When it comes to phishing, they trick you into thinking that you're logging into your account, and take you to a fake website that resembles the website of your bank. They simply send you an e-mail, informing that you need to click on the link and log into your online account. In reality, your security details are passed on to thieves.

Thieves can also install a key logger on your computer that records what you type, so when you next log onto your online account, the program secretly captures your username, password and other sensitive data. And then secretly passes them to a thief over the internet.

What can we do to protect our bank accounts from fraudsters?

Basic security measures

First of all, common sense is the best protection. Don’t click on a link to visit your online bank. Instead, type in the URL into your browser or visit it through a bookmark you have created. If you want to make sure the message is real, just call your bank.

Another thing worth considering is a decent and updated browser. At this point, we recommend Firefox and Chrome, as well as less popular Opera. These browsers come with a strong built-in protection - Google is a top tog in this category.

They send alerts before you visit suspicious websites and unconsciously download malware. Key loggers are the most dangerous software since they log each keystroke you enter into a computer and send your data to thieves.

Regular updates of your operating system will eliminate security flaws as will avoiding downloading files from websites you don’t trust.

Finally, it's always a good idea to have good security software, that will protect you against key logger attacks and other malware.

Good habits

Different banks use different security measures for online banking but password you are using to log into your online bank should be strong. Which means it should be difficult to guess. Make sure it consists of letters, numbers special characters and different capitalization. More and more banks ask users to enter only specified characters. It is a bit of pain but protects from key loggers.

It also should be different from an email password. For example, if you log on to your email from an insecure computer, fraudsters could access your password details and steal your money. And what is important, don't write your passwords down or share them with anyone.

Protection isn’t perfect. Certain Trojans such as recently discovered Citadel skillfully modifies the appearance of the login panel. The customer has to provide specific parts of the password twice. The cycles overlap - so you unconsciously give the whole password.

Therefore, it is essential to pay attention to any suspicious changes in banking services. A reliable bank informs its users of any alteration either by e-mails or using a system message on its website - before they are applied.

Mouse instead of keys

We should consider using the onscreen keyboard. Some banks offer this feature in transactional sites. Using Windows virtual keyboard can be a good choice. We can find it in the Start Menu. We click the keys using mouse, thus key logger cannot record our password.

Be cautious while you log into your bank account. It is recommended to do it at home. Try to use trusted and reliable both computer and connection. Also avoid using public computers and unsecured wireless connection since your data being sent from your PC to the wireless router can be easily intercepted by unauthorized people.

Be careful while logging on your friend’s computer. Someone who has access to this PC may intentionally or unintentionally capture your passwords.

Beware of Phishing

One of the most common method used by cyber criminals to intercept passwords is phishing. You receive an email resembling the look of the one from your bank. Then, they ask you to click on a link in the email, which takes you to a fake website. This attack can be avoided by never clicking on a link to visit your online bank.

No bank will ever ask you to send sensitive data over e-mail. If any problems occur, bank employee get the job done over the phone. So never send your personal information such as username, password, PIN, account information, credit card, over e-mail.

Make sure the page is real when entering data

Regardless of whether you suspect a phishing attack, or any other, we can easily verify if the page is secure. Whenever you see a small lock in the bottom corner of the window, this means that the page is encrypting information. Or when the URL starts with https:// instead of http://. If you do not see this, don’t log into your bank’s page because all information can be easily accessed by someone.

Finally, the date and time of the last visit on the site. If the browser says that we visit the website for the first time, we should be careful. Of course, the message will also appear if you had just cleaned the history and cookies.

Bank security

As we have mentioned above, a solid bank allows the customer to set a password that has at least a dozen of characters, without any limitations regarding letters or numbers. It also allows you to establish difficult to guess and easy to remember login.

Another aspect worth mentioning are security transfers. The most convenient and secure method is using a card of one-shot codes. It usually contains dozens of passwords, which authorize online transfers. The only downside is that we can easily lost it.

Someone can steal them from the bank, link to user names and their passwords and clean their accounts. Therefore, a better solution are text passwords. Banks generate them on a regular basis, they are delivered within a couple of seconds to the previously authorized mobile phone number.

The best protection is offered by the so-called hardware and software tokens. They generate codes on request by entering a special PIN, selected numbers from the account number and the additional code displayed within the transaction service. This way, to make a transfer, a cybercriminal needs to have a set of data.

It is relatively difficult to get them, which significantly reduces the risk of theft. On the other hand, they are usually very expensive. So it can be recommended to those who have higher incomes, store large sums of money, and, of course, for entrepreneurs.

Shopping online

Let's face it, shopping online has become a part of our lives. The bargains are constantly attacking us. The selection of products is mind-boggling. But some still worry that their personal details will be given to bad guys. Online shopping is certainly here to stay. Just keep in mind these tips and enjoy your online shopping.

Use familiar websites if you are transferring money via the site and check the location and contact details of the online retailer. Make sure your data is going to be processed using a secure connection. Always look for the lock. Never ever buy anything online that doesn't have SSL encryption installed.

The most important thing you need to look for when you're giving your card details over the Web is a small closed padlock or key symbol in the status bar at the bottom of your web browser, or right next to the URL in the address bar. If you it is not there, don't give your card details. Look for a privacy policy and read the regulations whether the company uses your information and sends them to third party merchants.