Alert
Close

Top the Trizzle leaderboard by 5 p.m. Friday to win a $100 gift card! Learn more

Highlights

Open

Contests and
Sweeps

Safe Driving in 2014 Sweepstakes

Learn how AARP Driver Safety can help you stay safe—and enter for a chance to win $1,000. See official rules. 

Driver Safety

Piggy bank on the road - AARP Driver Safety

Take the new AARP Smart Driver Course!

AARP Books

Visit the Money Section

Enjoy titles on retirement, Social Security, and becoming debt-free.

webinars

Learn From the Experts

Sign up now for an upcoming Money webinar or find materials from a past session. 

Jobs You Might Like

most popular
articles

Viewed

Scam Alert

How Safe Is Online Banking?

Nearly half of Internet users bank online, enjoying the convenience of 24/7 access to their accounts and the ability—theoretically—to quickly spot fraudulent activity and protect against identity theft.

But after reviewing hundreds of banking websites, University of Michigan researchers say that three in four have design flaws that could make customers vulnerable to cybercrimes.

“To our surprise, design flaws that could compromise security were widespread and included some of the largest banks in the country,” says study leader Atul Prakash, professor of electrical engineering and computer science.

These design flaws—which include placing customer login fields and bank contact and security information on insecure pages, allowing the use of Social Security numbers or e-mail addresses as user IDs, and e-mailing passwords or statements to users—leave security cracks through which hackers can gain access to accounts and other personal information.

The average loss per case from online banking fraud is about $30,000, according to the Federal Deposit Insurance Corp. In just three months of 2007, hackers stole nearly $16 million from U.S. residents.

Doug Johnson, vice president of risk management policies for the American Bankers Association (ABA), maintains that online banking is safe but allows there’s room for improvement. “I will say that we brought this study to the attention of our membership and that there are things they need to look at to ensure that online banking websites are not on the wrong side of security walls,” he says.

There are no universal guidelines by the ABA or others for banking websites; the design is left up to individual financial institutions. So how can you protect the confidentiality of your personal information? Prakash offers some tips:

Examine the website’s URL. It should begin with “https://”—a more secure Web protocol than “http://”. Never enter your user ID and password on any page without that S, says Prakash. Although most banks use the safer https:// on some pages, only a small percentage have it on all pages, his report shows.

Make sure the bank’s name follows the https://, as in https://www.bankofamerica.com. An unsafe website has the “host” or other name listed before the bank’s, as in https://www.oriwa.com/bankofamerica/index.html.

Don’t trust security indicators, such as padlocks or lock icons inside a page, to show you’re protected. Scammers can duplicate padlock icons on login pages and pages containing what’s billed as bank contact information. Instead, Prakash tells Scam Alert, “a hacker could change an address or phone number and set up a fake call center to gather private data.”

Choose longer, more obscure passwords, with at least eight keystrokes—ideally, a combination of uppercase and lowercase letters, numbers and symbols, such as go#Hen2Ry4&z. Never use your Social Security number or e-mail address as a user ID or password, which was allowed by one in four bank websites surveyed by Prakash.

Don’t click on any incoming e-mail purporting to be from your bank, especially a message asking you to update your passwords or accounts. Instead, bookmark your bank’s homepage and access your accounts that way. Also, don’t accept offers from your bank to e-mail you passwords or statements, which can be intercepted by cybercrooks.

Never conduct online banking from a public computer in an Internet cafe or local library, or even with your own computer in an airport or hotel. Also don’t bank online when your computer is very slow or has many pop-ups; those conditions may signal the presence of a virus that could include “keyloggers,” which pass along your keystrokes to a hacker.

Whether you bank online or receive your statements in the mail, immediately report any suspicious withdrawals or other account activity to your bank.

The FDIC also provides consumer advice on online banking.

Sid Kirchheimer is the author of Scam-Proof Your Life (AARP Books/Sterling).

Topic Alerts

You can get weekly email alerts on the topics below. Just click “Follow.”

Manage Alerts

Processing

Please wait...

progress bar, please wait

Tell Us WhatYou Think

Please leave your comment below.

The Cheap Life

Jeff Yeager Cheap Life Ultimate Cheapskate AARP YouTube web series save money

Catch the latest episode of The Cheap Life starring Jeff Yeager, AARP's Ultimate Cheapskate. Watch

Discounts & Benefits

From companies that meet the high standards of service and quality set by AARP.

AARP Credit card from Chase

Members can earn 3% cash back on purchases with the AARP® Visa® Card from Chase.

AARP Financial Services

Info on saving for education from AARP® College Savings Solutions from TIAA-CREF.

Member Benefits

Join or renew today! AARP members receive exclusive member benefits & affect social change.