One of these is that ‘hacking’ is a blanket term for social media account compromise, fintech services hacking (PayPal), bank account hacking, smartphone or computer hacking, etc.
Since one of the worst hacks one can suffer is the one involving money in the bank, and so this post will speak mostly on what to do when your bank account has been hacked. The advent of fintech platforms and services has come with fantastic opportunities as well as improvement in how we handle money.
We pay various services to store, invest, transfer and run entire bank accounts online with these services. However, with this ease came a new point for attacks. This topic is tricky; who bears the loss? What happens next?
Evaluate the Problem
In any form of hacking, you should plan for the worst case scenario, even if it’s the hacker digging up from your Facebook, an embarrassing conversation with an ex. However, in bank account hacking, we are talking about clearing out one’s savings and putting you in thousands of dollars’ debt. More reason why I chose to base this article on your bank account getting hacked.
In 2019, people are opting to pull their funds from banks and go for online services that are presumably less likely to be targeted. However, ironically, most bank accounts are hacked because they linked them to an online money payment transfer platform and kept their details insecurely or clicked a phishing link.
In either case, continue reading this article to see exactly what goes on when you are hacked and why you should not be wary of banking with an online institution or a brick-and-mortar bank.
If your bank account is hacked, you may not lose any money
Many people are not aware of this fact, but banks bear the loss of funds stolen via a cyber attack. This is especially with personal account holders; according to Regulation E, if you alert your bank of fraudulent transactions you observe from your account within a period and take measures to secure your account, then the bank is liable to pay for any subsequent funds stolen from your account. (wow, right?).
The Federal Reserve established Regulation E to mitigate cyber fraud as well as to act as a guide for safeguarding electronic funds transfers (ETFs). This regulation states that if customers notify their banks in the right way, they only bear losses of no more than $50. Further, the right way to inform the banks, according to the regulation, is to let the bank know of fraudulent transactions within two days of receiving the payment alert.
More so, even if the customer reports the transactions after 60 days, they still are not liable to bear the full loss; they pay up to $500, and the bank pays the rest. This is where they draw the line because if the customer notifies the bank after a period of 60 days, the customer bears the full loss. So, from this law, if you stay on top of your online and offline banking activity, you should be fine because the banks are more prepared than ever.
Banks are prepared
Every single day, attackers attempt to hit the banks, and this systematically prepares the banks for most cyber threats. Besides, the banks have access to the most sophisticated cybersecurity protocols, tools, and software to mitigate such attacks.
I mentioned that you are better off trusting banks or big financial institutions with your money. The banks are so prepared that only massive attacks can cause a serious scare.
How to protect yourself
Only a few cyber attacks happen on a broad scale and involve all the customers of a specific bank; most breaches are personal and occur only because the account holder was careless with his or her details, knowingly or unknowingly.
Nowadays, everything is interconnected, and with the public not made aware of attack vectors and cybersecurity protocol, it is easy for hackers to obtain any information they need to carry out an attack. Therefore, you should always be alert to cyber theft.
Staying safe online is really easy. When using public internet, assume that your internet traffic is monitored, so never enter any sensitive information and do not log into anywhere while using these public networks.
Also, bear in mind that the ‘remember your computer,’ ‘save my password,’ and other settings that make it easier for you to log into a website – those settings also make you less secure.
Your IP address can be spoofed, or a script can steal all your browser’s saved passwords from the password store (yes, your passwords are saved in a file on your computer, but encrypted) to hand them over to the hacker.
You need as many layers as possible to your information security, so it’s a good idea to disable ‘remember passwords.’
Watch out for fakes
The easiest way for hackers to get people to take action on their malicious website or software is to convince them that they are another website or software the user trusts. Social engineers will exploit this trust and use it against you.
You will get emails that look like they came from your bank or PayPal telling you to visit the website to confirm your information; most times, they make it sound urgent! The URL can be spoofed, so if you get such emails, click the security icon on the address bar of your browser.
As emphasized, in the post about what to do when you are hacked, that you make your passwords as complicated as possible, not use a password for multiple sites (utilize a password keeper if needed), and change your passwords regularly.
There are no safer alternatives
Banks are constant targets for hundreds of hackers and have been hacked a few times; Facebook, Apple, Twitter, PayPal, etc. are all tech giants with millions invested into cybersecurity, but they have been hacked also. Sadly, these services are still, in all aspects, the safest you can get, by far.