Mobile banking continues to be popular among consumers as an easy way to conduct financial transactions, and criminals are taking advantage.
“Half of consumers right now have a smartphone, and about half of those are using mobile banking,” says Alphonse Pascual, senior analyst, security, risk and fraud at market research firm Javelin Strategy & Research. “Mobile banking does leave consumers open to having information stolen.”
Security experts say mobile banking isn’t as risky as banking from a PC because mobile phone app developers have learned from their PC predecessors and made their offerings more secure. Still, there are risks, and if users aren’t careful, they risk compromising their personal information and hard-earned savings to scammers.
“One of the big risks is somehow a malicious hacker gets between you and the bank and intercepts your credentials and finds a way to transfer money,” says Andrew Hoog, chief investigative officer at digital forensics and security company Via Forensics. “It doesn’t matter if you logged in to check your bank account or to transfer data. Either way, it’s a potential way for a hacker to get inside your account.”
Offense is the Best Defense
Anti-virus software is the best way to protect a PC, but that’s not an effective defense for mobile phones. Instead, security experts say users need to be selective of where they conduct their mobile banking.
Logging onto a banking website over a public Wi-Fi in a public area like a coffee shop, hotel or in an airport is a security risk as the network is vulnerable to anyone monitoring that hot spot to intercept the data being transferred to the bank. Hoog says it’s much harder for scammers to seize information over the phone carrier’s secure network or through a trusted hot spot.
Using a bank’s app will also help protect financial data. “Half of mobile banking customers still use mobile browsers to access the bank but it’s something we don’t recommend,” says Pascual. “The mobile browser is less secure than a well written mobile app.”
But consumers should only download banking apps directly from the financial intuitions’ website. Often criminals will create a look-alike fake apps to trick users into divulging their login and password.
Lost Phone Prevention
One of the biggest ways consumers fall victim to mobile banking fraud is when their phone is lost or stolen and scammers get access to all their information stored on the device.
To help mitigate compromised information in the event of a lost phone, avoid automatic logins and always require a password.
“Even if you don’t save your log in information when you are done with a session, you should log out,” says Pascual. “It leaves you open to the same risks.”
Hoog also recommends users periodically inspect their devices to make sure they didn’t install a bad app or that their phone isn’t sending text messages unprompted. “Take a hard look at your device and computer at home to make sure there aren’t issues,” he says.