Bank accounts has always been the main target of cyber criminals, and with the advent of Internet banking this problem has increased by many folds.
In the blog, first we’ll check the most common forms of cyber attacks imposed by criminals to steal bank account details, and then look at the ways of preventing it.
Here are 2 most common ways of grabbing someone’s bank account,
- In phishing attack, a victim receives an email requesting to access his bank account through some other url. The sender impersonates as bank official with email and the mailed url appearing strikingly similar to the bank’s original website, but in fact, has no relation to it. Its actually a ploy of sender(cyber criminal) to get victim’s confidential details to gain access over his account.
- By remotely installing spywares onto a victim’s computer system, confidential details can be stolen by the cyber criminals. These spywares track user activities on his system, logs it in a file and sends it via email to an unknown email id. One such spyware is the ‘Keybloggers’ which is easily available in the market.
In both these methods, the victim unknowingly discloses his information to wrong people. It happens mainly because of careless approach, limited internet knowledge, and no or little awareness of potential cyber threats around online bank accounts.
Lots of problems can be avoided just by playing safe and being cautious in approach.
Here are some ways of preventing against such attacks on bank accounts, also applies for email and other confidential accounts,
- Never give your password to anybody, including your family members. Losing a bank account is worth more than losing an email account, so keep your bank information private. For better protection, periodically change your password, say in every 15-20 days.
- No bank ever contact its users through mail or message. You might receive transaction details via SMS but confidential details like PIN, password etc are never sent via these medium. So avoiding such messages/emails is best way to prevent such approaches from wrong guys.
- Always check the url(website name) before entering your username and password. There may be times when you mistakenly move to some other, similar looking website and provide your confidential details.
- To prevent bruteforce attack on account, always use alphanumeric password with more than 8 characters. Alphanumeric passwords have a combination of letters(small and caps), numbers and special characters. To further strengthen the password, use more than 10 chars and never include your basic details like name, phone number, address etc anywhere in your password. An good password for bank account could be *my_g1Zm0 which is actually asterisk, m, y, underscore, g, 1 (for i), Z, m, 0 (for o).
- Never respond to unknown emails to keep bank account secure. These are spam which can ploy you to reveal your bank details. Phishing attacks thrive on responses from such email.
- Make sure your browser automatically detects phishing websites and block them. Internet Explorer 8+ has an inbuilt phishing detecting system, Google Chrome and Mozilla Firefox also detects bad sites. Regularly update browsers for better protection.
- Keep your antivirus and firewall updated. These two programs prevent your from spywares that log your internet activity and steal your password. Also, avoid installing unauthorized softwares.
- Prevent using links provided in emails, or any websites you visit to login into your bank account. Rather type url by yourself and go directly.
- Report any suspicion/threat to account to your bank and make sure they block transactions with immediate effect. In such a case, nobody could do transaction from your account, including you.