About 93% of all fraud attempts now happen online. And within that statistic, about 96% or so of the attempts target online banking and financial services. And yet, while we are all broadly aware of the prevalence, it is akin to an earthquake or other natural disaster; it feels like it is something that happens to “other people”. Yet, statistically speaking, it’s likely to be you someday. But how do you make sure that your financial transactions are secure? How do you avoid your cash being part of the $41 billion lost to online fraud annually?
The first thing to understand about financial transactions is that they are almost always structurally secure. That is to say that the ‘hack’ rarely happens within the transaction itself. The encryption used in sending money from point A to point B is almost impossible to intercept. The attack vector (the entry point for a hack) usually lies with the user through the compromisation of account credentials, identity theft, downloading malicious links, and so on.
Thus, the most important thing to do to secure your financial transactions is to make sure that your accounts (of all types) aren’t compromised. That, however, is easier said than done. The average internet user has over 100 passwords and accounts, many of which may be idle or unused. But those accounts may have a wealth of information, including card details, D.O.B., security questions, and so on. You may not have used your eBay account in an age, but it has a profile of you that could be devastating if it gets into the wrong hands.
eCommerce is arguably the elephant in the room. We live in an age where convenience is put front and center of the online experience. You can check out a payment in seconds, and it’s more than likely that the eCommerce platform already has your payment details stored. You don’t want to constantly input new card details or update your password or address. You want convenience, and that plays into the hands of cybercriminals. Once again though, it is not the transaction but the compromising of the account from which the transaction is made that is the problem.
Of course, we can point to examples of online platforms with robust security measures. To this day, there has not been a single successful financial hack of a major licensed online casino platform. Operators offer a wide range of casino banking methods, yet the way the platforms operate makes them ultra-secure. This ranges from using 256-bit encryption on the transactions themselves to holding customer funds in separate accounts (which usually forms part of the casino licensing agreement). Even if someone was to gain control of your casino account, KYC (know your customer) policies would mean it is almost impossible for them to divert your cash.
But not every platform takes the same approach as a licensed casino. And the buck to stopping the fraud will ultimately stop with you. Here are some areas to think about in terms of security:
Phishing is an interesting area of cybersecurity. It’s widely misunderstood and underappreciated as a threat. It’s the no.1 attack vector in global cybercrime for a reason. We think of phishing as clumsy, poorly-written emails promising that we have inherited wealth from a long-lost relative. But while the clumsy examples are the most prevalent, the sophisticated attacks are hugely successful. They can mimic your bank – even to the extent of creating fake websites. They can spend months securing information in a drip feed. One study we have seen showed that 70% of people failed to recognize that they were on a bogus site after clicking a phishing link. So, what to do? The overarching answer is to be skeptical of everything, not giving over the information until it has been double-checked.
The most well-known way to protect yourself is, unfortunately, the most poorly implemented. Let’s call a spade a spade: Most of us don’t update our passwords or use difficult-to-break ones because we can’t be bothered. That fact costs millions of dollars in cybercrime fraud every month, but most of us don’t want to listen because it happens to “other people”. The good news is that we are moving away from the era of the password. Password managers are available and should be used, but more importantly, Google and Apple are killing the password itself. The introduction of the passkey (allowing you to control your account from a secure device) means the death of the 123456 passwords. In the meantime, update what you have.
Beware of Public Wi-Fi
If you are walking through an airport or staying in a hotel, you might feel elated when you connect to the free Wi-Fi on offer. After all, who wants to use their precious data on the road? Yet, public Wi-Fi is, by its very nature, unsecured. If you are accessing banking apps or other sensitive financial information, you are running the gauntlet and may be exposed to man-in-the-middle attacks. Tread carefully, perhaps by considering the use of a VPN.
Use Anti-Virus Software
As we have repeatedly said in this piece, a lot of financial cyber threats are widely misunderstood. When we think of anti-virus software, we picture a program running on our computer that stops us from getting a virus (you may remember the good old days of Limewire). Nonetheless, it does so much more than that, scanning emails for phishing threats, stopping you from entering bogus websites, allowing you to use public Wi-Fi, and so on. Basically, strong anti-virus software helps foster protection for everything mentioned on this list.
Making Simple Checks
We will finish by talking about some of the small steps you can make to ensure that your financial transactions are safe, good habits that don’t take long to implement. For example, you can take a moment to check that the website you’re visiting has an SSL security certificate (simply hover over the lock symbol in the web address). You can get into the habit of using 2FA logins, which makes account compromisation all the more difficult. And you can run credit checks to see if your details are being used by scammers. Even in more extreme cases, you can use people-finder tools to see if anyone has used parts of your credentials online. Above all, remain skeptical of everything, as complacency is the number one weapon of cyber criminals.