Protection From Online Banking Scams and Some Frightening Facts :: Financial Scams

Safe Online Banking and Phishing Scams

A recent article from AARP says online banking may not be as secure as we need it to be. Design flaws—which include placing customer login fields and bank contact and security information on insecure pages, allowing the use of Social Security numbers or e-mail addresses as user IDs, and e-mailing passwords or statements to users—leave security cracks through which hackers can gain access to accounts and other personal information.

The average loss per case from online banking fraud is about $30,000, according to the Federal Deposit Insurance Corp. In just three months of 2007, hackers stole nearly $16 million from U.S. residents.

Some things you can do

• Examine the website’s URL. It should begin with “https://”—a more secure Web protocol than “http://”. Never enter your user ID and password on any page without that S, says Prakash. Although most banks use the safer https:// on some pages, only a small percentage have it on all pages, his report shows.

• Make sure the bank’s name follows the https://, as in https://www.bankofamerica.com. An unsafe website has the “host” or other name listed before the bank’s, as in https://www.oriwa.com/bankofamerica/index.html.

• Don’t trust security indicators, such as padlocks or lock icons inside a page, to show you’re protected. Scammers can duplicate padlock icons on login pages and pages containing what’s billed as bank contact information. Instead, Prakash tells Scam Alert, “a hacker could change an address or phone number and set up a fake call center to gather private data.”

• Choose longer, more obscure passwords, with at least eight keystrokes—ideally, a combination of uppercase and lowercase letters, numbers and symbols, such as go#Hen2Ry4&z. Never use your Social Security number or e-mail address as a user ID or password, which was allowed by one in four bank websites surveyed by Prakash.

• Don’t click on any incoming e-mail purporting to be from your bank, especially a message asking you to update your passwords or accounts. Instead, bookmark your bank’s homepage and access your accounts that way. Also, don’t accept offers from your bank to e-mail you passwords or statements, which can be intercepted by cybercrooks.

• Never conduct online banking from a public computer in an Internet cafe or local library, or even with your own computer in an airport or hotel. Also don’t bank online when your computer is very slow or has many pop-ups; those conditions may signal the presence of a virus that could include “keyloggers,” which pass along your keystrokes to a hacker.

• Whether you bank online or receive your statements in the mail, immediately report any suspicious withdrawals or other account activity to your bank.

I like the fact that every time I use my PayPal Mastercard debt card I receive an email thinking me for my purchase. If every bank or credit card company did that fraud would be reduced. Think about suggesting it to your credit card processor.