An article written by :Jonathan Carter, Manager – IT Security
With banking being done mostly online nowadays, criminals are constantly exploring new ways to get their hands on our money, leading to the need to secure online banking services whilst also ensuring users are made aware of the risks.
Best practices we should follow and fraudulent techniques we should look out for are explained in this article.
Use strong credentials.
Secure your passwords! If your credentials are stolen, a fraudster will try your password on other accounts you might own. Some password hygiene rules to follow include:
- Keep your passwords complex and unique. When creating a password try to use a combination of letters, symbols and numbers and use a different password for each online service you subscribe to.
- Keep your login details secret and never write them down or carry them in your purse or wallet. Remember your credentials are the gateway to your online accounts.
Where possible, enable multi-factor authentication and/or biometric authentication. These measures will drastically reduce the possibility of your accounts being compromised.
Protect your device.
One of the biggest threats to online security is a compromised device, be it a computer or a smartphone. To protect a device, it is always recommended to keep your device’s operating system and applications updated. Only download apps that you are familiar with and ensure that these are downloaded from your device’s app store. Installing and regularly updating a virus protection software is also critical to keeping your personal devices and your online banking safe.
Fraudulent emails and text messages.
A popular method used by fraudsters to trick victims in giving their usernames and passwords is via email, through a technique called phishing. Through phishing, fraudsters send out emails that pretend to be from your bank or another trusted institution, influencing human emotions through a sense of urgency and attempting to persuade victims to provide personal information and other security details – most often by directing the victim to a webpage very similar to the original one.
What to look out for?
To avoid falling victim, one must verify the sender, watch out for any strange website links present in the email, check that the website link (URL) is genuine by hovering over the link to check that they are related to the company you are dealing with. Phishing emails usually contain a sense of urgency, the fraudster demands a quick action from his victims.
In addition to phishing, recently customers of several local Banks have been the target of smishing scams, particularly during the COVID-19 pandemic. Smishing is a form of a cyber-attack where the victim is tricked into believing that an SMS was sent from a trusted organization. Some indicators to look for would be general greetings, messages asking for personal information and urgency.
Reporting Fraudulent Emails and Text Messages.
When one suspects that he/she could be a victim of fraud, acting quickly by notifying the bank and law enforcement about any suspected fraud. It is also recommended that one takes other measures, such as changing passwords to prevent further misuse.
Keep in mind, that if a request seems suspicious, it probably is! Be wary of any unusual requests and trust your initial judgement.
MeDirect Bank never contacts you via email or SMS to update your details, provide credentials or claim that your accounts are going to be deleted or blocked unless you take immediate action. MeDirect Bank is committed to protect its customers and provide a secure banking experience.
MeDirect Bank (Malta) plc, company registration number C34125, is licensed to undertake the business of banking in terms of the Banking Act (Cap. 371) and investment services under the Investment Services Act (Cap. 370). MeDirect Bank (Malta) plc is regulated by the Malta Financial Services Authority as a Credit Institution under the Banking Act 1994.