How Secure is Secure Online Banking, Really?

An industry study reveals most financial institutions can’t stop sophisticated attacks.

Evaluating the security of secure online bankingBack when online banking first became a thing, many people shied away due to security concerns. However, as time passed and people became familiar with things like encryptions and secure websites, those concerns diminished. These days, most of us go online or hit up our smartphone app without considering how secure our data really is. But a new industry study reveals that secure online banking may not be as secure as we’d all hope.

Security experts at Distil Networks and Online Trust Alliance wanted to see exactly how good websites are at blocking attacks. Unfortunately, they found more than 95% of top websites can’t stop advanced bot attacks. Those top websites include many financial institutions.

Can your bank stop the baddest bots? Probably not.

For their study, they broke bot attacks in 4 groups – sophisticated, moderate, simple and crude. Financial institutions did well against crude bots, but fared poorly against all the others:

  • 85% success rate against crude bots
  • 14% block rate for simple bots
  • Only 7% for moderate and sophisticated

So, basically your financial institution’s website may be able to block a newbie hacker. However, a pro would have no problem getting to the data if they really wanted to get in.

And it’s not just financial institutions that put your data at risk. Not that it makes this any better, but federal websites have a 22% block rate simple bots. But they only block 1% of sophisticated bot attacks.

Should I stop banking online now?

Probably not. If you’re old enough to remember the annoyance of balancing your accounts or conducting transfers at an ATM, you should cringe at the idea of giving up your convenient online environment.

Still, you should take this information and use it as inspiration to keep up some basic identity theft security measures. Going old-school with balancing your checkbook may be too much, but old-school ID theft practices still hold true.

  • Change your passwords often – security experts say you should do so every few months. At the very least, if you haven’t changed your password since you started banking online, that’s probably not a good thing.
  • Check your monthly statements religiously ­– if your account is compromised, regardless of how the thieves got in, you will see fraudulent transactions in your statement. With paperless billing, people often skip this all-important step.
  • Check your credit report every year – if accounts are ever opened in your name, you will see the evidence in your credit report. Go to com to check your reports for free once every twelve months.

For more tips on how to prevent identity theft – or how to address it quickly if it occurs, visit our Identity Theft Action Guide.  

Press Inquiries

April Lewis-Parks
Director of Education and Public Relations

AParks@consolidatedcredit.org
1-800-728-3632 x 9344