Steps To Bank Online Securely
from the US – Computer Emergency Readiness Team (US-CERT)
Review All Privacy and Policy Information
By law, banks are required to send you a copy of their privacy policies and practices annually; you may also request a copy of this information. Bank web sites should also have this information. As you read this information, pay particular attention to any mention of the methods used for encrypting transactions and authenticating user information. Also, check the information to see if the bank requires additional security information before authorizing a payment to a business or individual that has never received a payment before.
Use Unique And Hard To Guess Login Information
Be sure to change your PIN or password regularly. Do not choose a PIN or password that contains personal information such as your birthday or Social Security number; an attacker might be able to guess these. Regardless of the circumstances, NEVER give someone access to your current PIN number or password.
Protect Your Computer
Install anti-virus, firewall, and anti-spyware programs on your computer and keep them up to date. Installing and updating this software protects your computer and its contents against unauthorized access. You should turn on automatic updates for these programs or, if prompted, always agree to download system updates as soon as they are available.
Check Your Account Balance(s) Regularly
Timing is a factor in your response to unauthorized electronic fund transactions. If you receive a paper account balance, make sure that you reconcile it with your online balance.
Do Not Access Your Account From Public Locations
Avoid situations where personal information can be intercepted, retrieved, or viewed by unauthorized individuals. You should conduct online bank transactions in locations that are not subject to public monitoring. When you are entering login information, you should avoid using unsecured or public network connections (for example, at a coffee shop or library). As a general rule, you should avoid using any computer that other people can freely access; the end result could be unauthorized access of your financial information. Remember, it is possible for your account information to be stored in the web browser’s temporary memory.
Verify Email Correspondence From Your Bank(s)
If you receive email correspondence about a financial account, verify its authenticity by contacting your bank or financial institution. You should not reply to any email requests for security information, warnings of an account suspension, opportunities to make easy money, overseas requests for financial assistance, and so forth. Also, links found in these suspicious emails should not be clicked. Forward a copy of the suspicious email to the Federal Trade Commission at email@example.com and then delete the email from your mailbox.
If Your Account Is Compromised, Take Immediate Action
Contact the bank as soon as possible if you discover any transactions on your account that you did not authorize.
FOR MORE INFORMATION ON PROTECTING YOUR ONLINE PRESENCE PLEASE VISIT US-CERT at http://www.us-cert.gov/