Secure Your Online Banking in 5 Steps

So, you’ve opened a new bank account, credit card, or investment account. Almost every financial institution under the sun now offers online banking, and each has its own enrollment process. No matter the specifics, make sure to do these 5 things when signing up and getting your new account ready.

  1. Choose a secure password and a unique username. Many online banking platforms mandate strong passwords, but they can’t detect if you have reused the password elsewhere. Never reuse a password. This opens you up to credential stuffing attacks. Come up with a complex password, with upper and lowercase, special characters, and save it in your password manager.
  2. Enable two-factor verification. Your options will vary here, but almost every service supports text message, phone, or OATH-TOTP based two-factor verification. This provides an extra layer of security that can stop an attacker from utilizing a compromised password. Prefer app-based methods (Google Authenticator, Authy, etc) over telephony-based as intercepting SMS or calls is a real risk and surprisingly easy to do.
  3. Set up account alerts. Check your options for receiving alerts. Most accounts have these disabled by default, except for very important alerts, to avoid overwhelming consumers. Review your account’s alert options, and consider enabling text message alerting if supported.
  4. Turn on paperless statements and review them regularly. Signing up for eStatements is not only environmentally friendly, but it also reduces the amount of sensitive information you have lying around in hard-copy form. The convenience afforded will make it easier to regularly review and catch a fraudulent transaction in time, or dispute an error.
  5. Call Customer Service and request a pin or password be required to your account for support calls or tickets. Social engineering attacks are becoming more widespread. It’s surprisingly easy to impersonate you, using publicly available information, and persuade Customer Service to grant unauthorized access. This isn’t a surefire fix as it depends on Customer Service actually honoring and confirming the pin every time, but it can cut down the risk a lot.

Each of these steps incrementally improves your account security and together will greatly reduce the risk of compromise. Change your passwords regularly and use a password manager for everything.