Stopping cyber crime, it’s a joint effort

Approximately one-third of retail banking customers plan to increase their use of online and mobile banking services post COVID-19, according to a recent survey.ⁱ  Twenty percent say they will visit the branch far less often.ⁱⁱ 

As consumers turn the final corner on digital adoption, banks and credit unions are facing a growing cyber threat, and it is one they will not conquer without help from valued customers and members.

Here are several practical tips that financial institutions can pass along to customers and members to heighten awareness of online threats as well as digital security.

Passwords Matter

Cyber criminals use a variety of methods to crack passwords, including automated tools and brute-force attacks. The strongest passwords are long—think twelve characters or more—employ numbers or special characters, and avoid the use of common patterns or phrases. For example, maytheforcebewithyou has symbolic meaning to many, but it is also a password that could be used by thousands of others, making it easier for hackers to guess.

An alternative option is to use a phrase about an event that is memorable only to you. For instance,  a runner who has just broken their first five-minute mile is likely to remember the event and date on which it happened,  so turn it into a password: first5minutemile2020. Just make certain you are not using information that others can discover about you online and be sure not to reuse passwords between accounts.

Use Secure Channels

While security protocols, such as passwords, work to protect your account from fraudulent access, you could still be vulnerable to cyber attacks if you are accessing your accounts over unsecured channels. This can include public Wi-Fi networks—such  as one you might use at an internet café—but  can also include your home Wi-Fi network if you have not secured it from public access. Transactions made over unsecured channels can be monitored, allowing sensitive information, such as passwords, to be stolen.

To be safe, never exchange information with your bank or log into your online banking platform using a public Wi-Fi, and make sure that you are using a solid password to protect access to your home Wi-Fi network.

Multi-Authentication Is Worth the Time

Multi-factor authentication (MFA) uses multiple methods to verify an identity. For instance, you may be asked to enter a password as well as a security code that has been sent to a previously registered device or email address.

While many customers are bothered by the extra effort required to log into accounts, Microsoft reports that the extra step is well worth the time. The company, who sees 300 million fraudulent sign-in attempts every day, says that MFA works to prevent nearly all attacks.

"Based on our studies, your account is more than 99.9% less likely to be compromised if you use MFA," said Alex Weinert, Group Program Manager for Identity Security and Protection at Microsoft.ⁱⁱⁱ  

Sign up for Account Alerts

Consumers can proactively monitor for security breaches by signing up to receive automated alerts related to their accounts. Here are 5 that financial consumer watch group, Nerd Wallet, recommends that everyone activate:

1. When transactions over a pre-specified amount post to your account.
2. When personal information associated with your account changes.
3. When an ATM withdrawal exceeds a preset amount.
4. When your account drops below a specific balance.
5. When any debit card purchase occurs.

Learn to Recognize Illegitimate Communication from Your Financial Institution

The financial services industry was the second-most targeted industry for phishing attacks during the first quarter of 2020.^iv  Phishing is when cyber criminals attempt to gain access to your personal information using communications that look and sound like they come from your bank or credit union.

To spot a fake, look for generic greetings, such as “Hello Customer” and watch for suspicious language suggesting that your reply is urgent. It is always a good idea to double check any communication you receive with your bank by phoning your local branch or the listed phone number for your financial institution.

Do not click on links within an email or text message, use the phone number provided, or pass along any information without first checking with your financial institution.

By adhering to these basic principles, consumers can join with their financial institution in stopping the work of cyber criminals.

_{ⁱ  Jim Marous. “Big Banks Benefiting Most From COVID-19 Digital Shifts.” Financial Brand, Apr. 27, 2020. Web.
ⁱⁱ  ibid.
ⁱⁱⁱ  Catalin Cimpanu. “Microsoft: Using Multi-Factor Authentication Blocks 99.9% of Account Hacks.” ZDNet, Aug. 27, 2019. Web.
^iv  “Online Industries Most Targeted By Phishing Attacks As Of 1st Quarter 2020.” Statista. Retrieved from https://www.statista.com/statistics/266161/websites-most-affected-by-phishing/.}