While online banking, shopping, and other activities offer consumers convenience, they also expose people to fraud and scams.
The Federal Trade Commission (FTC) reports that American consumers lost more than $12.5 billion to fraud in 2024, a 25% increase over the previous year.
Investment scams topped the list of fraudulent activities, with $5.7 billion in losses. Imposter scams came in second, with $2.95 billion in reported losses. Online shopping issues and identity fraud scams are also problems.
To help our customers with financial fraud protection and avoid online banking scams, we offer this advice on how to keep your money secure and avoid getting ripped off.
Choose Strong Passwords
With so many people banking, shopping, and practically living online, password protection is crucial. Banking scam prevention starts with using unique passwords that don’t involve information that’s easy to guess, such as birthdays, and pet names.
Each password should have a combination of capitalized and uncapitalized letters, plus numbers and symbols, to make them as hard to guess as possible.
Oversharing and Security Questions
Your security questions, for resetting your password, should be information that a scammer would find hard to figure out. Consider what you post on social media. If you’ve posted information about your dog, then using your dog’s name as a security question would be a bad idea.
Be cautious about what you post online, because scammers can use social media to collect all kinds of useful information. Watch out for social media questions or polls such as “What’s your rock star name?”
These kinds of questions might seem like harmless fun, but they’re a potential gold mine for scammers because the answers typically involve the street you first lived on, your first pet, or other security-related information.
Use a Password Manager
Consider using a password manager that can generate strong, unique passwords for all your online activities and store them in a vault. This way, you would only have one master password to remember, and it should be as complicated as possible.
Every time you went online, you would enter the master password for your password manager, and it would fill in your login credentials for your other accounts.
Use Two-Factor Authentication
Two-factor authentication can add an extra layer of security, especially when paired with a password manager. For any accounts that have two-factor authentication, you would have to approve each login through either an app on your phone or a code received via text message or email.
Avoid Using Public Wi-Fi
Public Wi-Fi is available in many places, especially with the rise of remote working. Make sure you don’t sacrifice convenience for security, as public Wi-Fi might not be as secure as your work or home network. Hackers can use this as an opportunity to gain access to your device and steal your login credentials.
You can reduce your risk of fraud by not performing any financial transactions while using public Wi-Fi. You should also turn off any settings in your devices that allow them to automatically connect to a public Wi-Fi service, as this could leave you vulnerable to a hacking attempt.
If you need to engage in transactions while away from home or work, a cellular network would probably be more secure than free public Wi-Fi.
Don’t Save Logon Information
Many websites let you save your login details for faster access. While this is a convenient option, it can increase the chance of fraud. Consider the devices you travel with, such as a phone, tablet, or laptop.
If a scammer got their hands on any of these, would they have immediate access to your accounts? They just might; if you saved your login credentials on your device or stayed logged in to your financial accounts.
Secure Your Devices
People keep all kinds of information on their smartphones and use them for mobile shopping, payments, banking, and other transactions. You might also use your phone for two-step authentication.
If that’s the case, you’ll need to keep your smartphone secure using a passcode or a pattern that you draw on your screen. Using biometrics, such as your fingerprint or your face, to unlock your phone is gaining popularity because it offers both convenience and security.
Of course, you’ll also need to secure any tablets, laptops, and similar devices—especially if you travel. Thieves are constantly looking for unguarded devices, for the resale value they offer and as a tool for accessing someone’s accounts.
Use Software and Updates
Another way to keep your devices secure is by using antivirus and anti-malware software. Many providers offer free and paid services, so you have a lot to choose from. Make sure you keep them updated, along with your phone or computer’s operating system and related apps.
Watch out for Phishing Scams, Emails and Texts
Phishing and investment scams used to be easy to spot, with poorly worded sentences and frequent misspellings. These days, scammers can use artificial intelligence to write convincing emails that may include information gleaned from social media.
An email or text that starts with a generic message, such as “Dear customer” should be viewed suspiciously. A legitimate email from your bank, an online merchant, or a streaming service would likely address you as “Dear (your name)” rather than addressing you as “customer.”
A common tactic among phishing scams is to claim that your account is compromised, was frozen because of a billing issue, or is the target of a scam. It will include a link for you to change your password, your billing information, or something similar. Sometimes scammers include an attachment for you to download.
They might also pretend to be from a merchant emailing or texting you information about a bogus order that you didn’t place, as an attempt to trick you into clicking or tapping on a fraudulent link.
Scammers often try to create a sense of urgency, such as: “You must act immediately to secure your account!” Their goal is to get you to act without thinking.
Take the time to examine the message and consider if it’s legit. Look at the sender’s email address. Is it from a domain you recognize, or did the scammers create an email that’s nearly identical to the one from your bank?
Phishing emails usually contain a link for you to click on. You could try hovering your mouse over the link (without clicking on it) to see where it would take you.
How about the texting number? Was it sent from a number you recognize, or is it from a number you haven’t seen before?
If you suspect a text or email might be a scam, you can always contact your bank, credit card, online merchant, etc. through a method that you know is legitimate.
For example, if you received a message from someone who says they’re with Points West Community Bank, you could call your local branch office to verify if it’s legit. Whatever you do, don’t divulge confidential information such as your account numbers, Social Security number, etc. without making sure that the person requesting it is legitimate.
Check Your Accounts Frequently
Monitoring your accounts for signs of fraud is crucial to prevent it from happening. Even the smallest fraudulent transaction should be questioned or reported immediately. Scammers have been known to start with small transfers or purchases, to test whether they have the right account information. If they get away with a smaller theft, they’ll then opt for a much larger one.
Monitor Your Credit
Checking your credit score at least once a year is a good idea to see where you stand financially, and to look for signs of fraud. You can get a free credit report each year from AnnualCreditReport.com. If there are any accounts you don’t recognize, contact the credit reporting bureau that contains the information.
You might also put a credit freeze or a credit lock on your information, which would make it extremely difficult for someone to open a bank account or credit card in your name. You can do this by contacting each credit reporting bureau individually: Equifax, Experian, and TransUnion.
If you need to apply for a loan or open an account yourself, you could always unfreeze your credit information long enough for your information to be processed.
How to Report Suspicious Activity and Fraud
If you suspect that you’ve been taken by a scam, or that someone is using your name or your account, your first step would be to contact your bank or credit card company.
They can help you dispute a transaction or money transfer and may be able to stop it if you act quickly enough. If someone made a fraudulent purchase through a merchant, you may also need to contact the merchant to make sure your online account hasn’t been compromised. You’ll likely need to change your password to something more complicated.
You can also report many types of fraud to the FTC and the FBI. If you’re the victim of identity theft, check out the FTC’s identity theft portal, IdentityTheft.gov. It has information on reporting and recovering from identity theft, plus what to do if your information is exposed in a data breach. If someone is misusing your Social Security number and other vital information to open an account in your name, contact the nation’s three credit reporting bureaus (as mentioned above).
Work with Points West Community Bank to Protect Your Accounts
Staying alert and following online banking practices are vital steps to protecting your identity and financial assets. If you have any questions about avoiding fraud and keeping your accounts secure, please contact us or visit one of our branches in Colorado, Wyoming, and Nebraska. You can also check out our blog for more information about online banking and safety issues.