Protect your bank account from hackers: 6 steps Follow these simple tips from digital security experts to prevent identity theft by safeguarding your bank account. September 6, 2023 It’s easier than ever to manage your bank account from wherever you are—whether binge-watching your favorite TV show from the couch or waiting in line at the grocery store. Online and mobile banking have many advantages, from helping you deposit a check to making a bill payment. While enjoying the benefits of online banking and digital finance tools, it’s important to keep security and how to protect your bank account from fraud top-of-mind. That’s because cybercriminals are a growing threat, especially as they use more sophisticated methods in an attempt to steal personal information online. In 2019, the Federal Bureau of Investigation received an average of nearly 1,300 cybercrime complaints every day with more than $3.5 billion in losses to individuals and businesses. That same year, the Federal Trade Commission reported more than 650,000 cases of identity theft—when criminals assume a person’s identity to make purchases or transactions—marking a 46% jump from the year before. From fake emails that ask you to confirm your username and password to malware that swipes your information when you’re on public Wi-Fi, scammers can use a number of techniques to try to access your bank account. Given the prevalence of these strategies, it’s important to safeguard yourself from scammers, fraudsters, and hackers, says Steve Weisman, editor of a fraud information website. “There are things you can do to keep yourself from being the low-hanging fruit,” he says. So how can you protect your bank account from fraud, scams and identity theft? If you take these steps, you can help enhance your bank account security and bank online with confidence. “What’s most important about passwords isn’t strength or guessability, but that the passwords are not the same across accounts.” 1. Use unique passwords for every account You probably know that having a strong password is important. But as you work to protect your bank account from hackers, one password, no matter how strong it is, may not cut it. If you use the same password for multiple accounts, all of them are in potential jeopardy, says Weisman. If a hacker uncovers the one password, that can make it easier for them to access your other accounts. This can potentially include bank accounts with your sensitive financial or payment information. Jeremiah Grossman, cybersecurity expert and CEO of an IT startup, agrees. “What’s most important about passwords isn’t strength or guessability, but that the passwords are not the same across accounts,” he says. Create a base password and then add to it Don’t get too stressed about the prospect of managing multiple passwords—there are plenty of tricks and tools out there to help you. Weisman recommends this technique for creating account-specific passwords: First, choose a base sentence that includes a mix of letters (uppercase and lowercase), numbers and symbols (stay clear of using any personal information). Next, add to this password for each account. Weisman gives an example with the base password, “IDontLikePasswords1!” If you follow this method, your next password could be something like “IDontLikePasswords2!!” Consider a password manager To keep track of your many passwords, including the one for your bank account, you might want to download a password manager. A password management tool allows you to store passwords without needing to memorize them, and many will even generate strong passwords for you. For an even simpler option, you can physically write your passwords down. “While less convenient, it’s easier to protect a piece of paper than files on your computer,” Grossman says. If you go the pen and paper route to protect your bank account from fraud, ensure your password document is in a safe, locked place that can’t be accessed by others. Update your passwords on a regular basis Wondering how often you should update your bank account password, as well as your passwords for other financial and personal accounts? “Changing passwords once every year or two should work,” Grossman says. Both Weisman and Grossman advise that while occasionally changing your passwords is a good idea, using a mix of passwords is more important as you work to protect your bank account from hackers. Get creative with security questions You may be asked to answer a security question if you forget a password or log in to an account from an unfamiliar device. Similar to passwords, you’ll want to strategically approach security questions to protect your bank account from hackers and to help prevent identity theft. What makes a strong security question and answer? Consider thinking beyond the truth, Weisman says. The honest answer to many security questions can be found through online research by a cybercriminal. “If your security question is your mother’s maiden name, you can answer it nonsensically with something like ‘Grapefruit.’ The answer is silly enough for you to remember it, and no hacker will ever be able to find it through searching the internet,” Weisman explains. 2. Leverage two-factor authentication As you work to protect your bank account from fraud, two layers of defense are better than one. That’s where two-factor authentication comes in. With this method, you’ll need your password and another proof of identity like a one-time code sent to your phone in order to log in to an account. If hackers get a hold of your bank account login credentials, it would be difficult for them to log in without your second verification. In some cases, two-factor authentication will only be activated for certain actions to protect your bank account from hackers. For example, Discover offers Enhanced Account Verification as an additional layer of security. This may be activated when you’re logging in to your account from an unfamiliar device or when you’re making updates to your personal information. Grossman also recommends downloading an authenticator app to help protect your personal information online. This type of app generates a code directly on your phone instead of delivering it to your phone, which reduces the likelihood of interception. While each authenticator app works differently, you will typically be able to set it up to work with different accounts of your choosing. 3. Be cautious of public Wi-Fi From your favorite coffee shop to your local library, public Wi-Fi is available all over. But are public Wi-Fi networks safe to use? Weisman says it depends on what you’re doing online. If you’re browsing the news or reading blog posts, it’s probably fine, he says. If you’re doing anything that requires login information, such as signing in to your online bank account, it’s best to avoid such activity, he adds. Why? When you use public Wi-Fi, the open connection could allow cybercriminals to potentially grab your username and password as they pass between you and your bank website, Weisman explains. Yet, there may be a solution. “If you have to use public Wi-Fi, a virtual private network (VPN) will encrypt everything,” Weisman says. A VPN is software or an app that connects your device to a different server on the internet. That way, it looks as if your connection is coming from another location, making your online history harder to trace and helping to prevent identity theft. 4. Update and patch your software regularly If you ignore those pesky software update notifications that pop up on your devices, you may want to reconsider. You could be putting yourself at risk if your device isn’t updated. That’s because hackers search for security holes in systems, Grossman says. In addition to keeping your software up to date, remember to patch it on a regular basis. A patch is software that provides codes to cover any security holes. Software updates often include patches, so it’s possible you’ll be automatically notified when they are available. If not, you can always check your device for patches to download. Together, both updates and patches are effective methods to protect your bank account from fraud by ensuring your devices are as protected as possible, Grossman says. Keeping your software updated and patched can also help safeguard you from phishing, a common email scam where fraudsters attempt to obtain data (like passwords and credit card information) by posing as a trustworthy company. When your software is up to date, you will be protected from exposure to malicious software you inadvertently download due to phishing. 5. Install ad blockers If the ads on your screen seem too good to be true, they might be—even when you’re on a legitimate website. “Malvertising,” where cybercriminals create ads infected with malicious codes, is another scam that can leave your bank account exposed. How does malvertising work? Maybe you see an ad offering a free program. Once you click on the infected ad, malware may be downloaded to your device that can potentially steal information about your identity, Weisman says. In some cases, loading the webpage with the corrupted ad is enough to trigger an attack. But there’s an easy way to avoid malvertising and protect your bank account from hackers: installing ad blockers. Many ad-blocking tools are free and easy to download. By blocking ads, your chance of interacting with an infected ad is removed, Weisman says. 6. Utilize features and tools provided by your bank As you work to protect your bank account from fraud, take time to research the security measures your bank has put into place. When you maximize the security features your bank provides, it’s easier to keep your sensitive information safe. For instance, Discover offers secure online and mobile banking that encrypts all personal and account information. Earn cash back with your debit card Learn More Discover Bank, Member FDIC Some banks, including Discover, allow customers to use a fingerprint login to safely and securely access their account on their smartphone. This is a form of biometrics, which uses physical characteristics to identify you. Biometrics can help you protect your bank account from hackers because your fingerprint (or face, in the case of facial recognition technology) can’t be forgotten or stolen like a character password. Another way to prevent identity theft? Set up alerts for your bank account. Discover, for example, will send alerts to users if their account is overdrawn or when they have a profile update. Protecting your bank account from fraud, scams and identity theft starts with a plan. By using different passwords, enabling two-factor authentication, downloading a VPN, updating and patching your software, and installing ad blockers, you can help protect your personal information. See how Discover keeps your account safe in the Online Banking Security Center. Articles may contain information from third-parties. The inclusion of such information does not imply an affiliation with the bank or bank sponsorship, endorsement, or verification regarding the third-party or information.