06/17/2020: Mobile Banking Security
With city, state, and local governments urging or mandating social distancing, Americans have become more willing to use mobile banking as an alternative to physically visiting branch locations to transfer funds and deposit checks.
US financial technology providers estimate more than 75 percent of Americans used mobile banking in some form in 2019. The FBI expects cyber actors to attempt to exploit new mobile banking customers using a variety of techniques, including app-based banking trojans and fake banking apps.
The FBI advises the public to be cautious when downloading apps for games or tools on smartphones and tablets, as some could be concealing malicious intent.
Private sector companies manage app stores for smartphones and actively vet these apps for malicious content. Additionally, most major US banks will provide a link to their mobile app on their website. The FBI recommends only obtaining smartphone apps from trusted sources like official app stores or directly from bank websites.
Use Two-Factor Authentication
Cybersecurity experts have stressed that two-factor authentication is a highly effective tool to secure accounts against compromise, and enabling any form of two-factor authentication will be to the user’s advantage
- Enable two-factor or multi-factor authentication on devices and accounts to protect them from malicious compromise.
- Use strong two-factor authentication if possible via biometrics, hardware tokens, or authentication apps.
- Use multiple types of authentication for accounts if possible. Layering different authentication standards is a stronger security option
- Monitor where your Personal Identifiable Information (PII) is stored and only share the most necessary information with financial institutions.
- Click links in e-mails or text messages; ensure these messages come from the financial institution by double-checking e-mail details. Many criminals use legitimate-looking messages to trick users into giving up login details.
- Give two-factor passcodes to anyone over the phone or via text.
- Financial institutions will not ask you for these codes over the phone.
Use Strong Passwords and Good Password Security
Cyber actors regularly exploit users who reuse passwords or use common or insecure passwords. The FBI recommends creating strong, unique passwords to mitigate these attacks.
- Use passwords that contain upper case letters, lower case letters, and symbols.
- Use a minimum of eight characters per password.
- Create unique passwords for banking apps.
- Use a password manager or password management service.
- Use common passwords or phrases, such as “Password1!” or “123456.”
- Reuse the same passwords for multiple accounts.
- Store passwords in written form or in an insecure phone app like a notepad.
- Give your password to anyone. Financial institutions will not ask you for this information over the phone or text message.
If a Banking App Appears Suspicious, Call the Bank
If you encounter an something on your banking app that appears suspicious, exercise caution and contact your financial institution. Some financial institutions may ask for a banking PIN number, but will never ask for your username and password over the phone.
If you have questions about the Wolf River Mobile Banking app or any questions related to identity theft prevention, please contact us at (920) 779-7000.