Transactions

There are many benefits to doing all your financial transactions online. In particular, the process is much faster and more convenient. There’s no need to visit a bank or a payment center, which helps you save time and money. It’s also a lot safer, especially when you consider various health risks in recent years.

The problem is that online transactions can make you vulnerable to security breaches, such as identity theft and fraud through phishing. This is a form of social engineering, in which cybercriminals “fish” for sensitive information by pretending to be legitimate financial institutions like banks or lenders. Once you give away these details, there’s little you can do to reverse the damage.

The mere idea of losing your hard-earned is definitely worrisome, sometimes even downright scary. However, there are also plenty of things you can do to protect yourself from these scams. Here are some tips to avoid becoming a victim of phishing, plus some other reminders to stay safe when conducting any online transaction:

Activate 2FA on All Your Accounts

One of the first things you should do to secure your online banking accounts—and indeed, all your digital accounts—is to activate 2FA. This stands for two-factor authentication, which means you need two layers of verification before you’re able to access an account. Usually, this second verification comes in the form of a one-time password that you need to input within a set amount of time (e.g., 5 minutes). This means that even if a hacker guesses your password, they won’t be able to get into your account.

Make sure to activate 2FA as soon as you create an account for any digital service or product, but the most crucial one is your email. You use this to sign up for practically everything, from your banking accounts to video games, so it’s important to make it as secure as possible. You may also want to create a separate email for all your financial-related transactions to keep things more organized.

Think Before You Click

You’ve probably heard of the statement “think before you click” in relation to posting on social media. However, this also applies to online security. In particular, you should be careful about clicking outgoing links. Most phishing scams direct you to official-looking websites that are actually cover-ups to convince you to input your account details.

Thus, be extra careful and study both the information contained in the message and the sender of the message. If you’re availing of cash loans, for example, make sure that the emails or texts are coming from the company’s official communication channels. Hover over the link to reveal the real destination of the URL; if anything seems suspicious, don’t proceed.

You should also keep in mind that no legitimate institution will ask you to provide them with the above-mentioned OTP. You’re the only one who’s supposed to input this on the device where you’re accessing your accounts. If someone says they’re from a bank or a lending company and asks you for an OTP, don’t believe them. Instead, report and block the email or number.

Download Reliable Apps and Visit Secure Sites Only

To minimize the risk of encountering fraud, make sure that you only download legitimate apps and visit secure sites. If you’re downloading an app for the first time, it’s best to visit the website of the provider and then click the download link from there. You can further verify by checking the details of the developer and reading reviews from the app store.

For websites, review the URL and make sure it starts with https. A padlock icon also indicates the site’s security. If you’re on an e-commerce site or any website that requires payments, look for a certification that proves that it follows data security and privacy standards.

Ignore Most Pop-Ups

Some websites have pop-up windows to catch your attention. For example, if a shopping site has a new promo, they could use a pop-up ad to let you know about how much you’ll save or who the participating brands are. In this case, it’s safe to click on these ads.

However, most other pop-ups are usually attempts at phishing. Their bright colors, large fonts, and sometimes even annoyingly loud notification sounds are designed to catch your attention—don’t fall for these tricks! Instead, activate pop-up blockers on your web browser; to up the ante, use ad blockers as well. If a pop-up window somehow goes through, don’t immediately click the biggest “Cancel” or “Close” button because that’s usually a trap that will lead you to a phishing site. Either look for a smaller “x” button somewhere in the ad or close the browser entirely and start a fresh session.

Sign Up for Alerts

Most banking and fintech apps have a feature that allows you to receive notifications whenever there’s an activity in your account. Activate this, along with your 2FA, as soon as you sign up so you’re always alerted when something happens.

Some of the things that should raise red flags include failed login attempts, password and/or personal information updates, as well as account linking to a new email. If you receive any of these notifications and you did not authorize the changes, report it to the proper channels immediately.

Apart from in-app notifications, you should also sign up for email and/or SMS alerts. They’re essentially the same, since you’ll receive the account activity information already in the app, but it never hurts to have more layers of security for all your financial dealings.

Know What Phishing Scams Look and Sound Like

There are many who fall for phishing scams because cyber criminals work hard to make their fraud emails, websites, registration forms, and text messages seem legitimate. Even long-time customers or users of a bank, a lender, or an online store may be a little confused because the fake ones can look a little too real.

Make it a point to know the official email addresses and phone numbers of your service providers. It’s also a good idea to keep up with some news about them, so you’re aware of developments like logo changes and similar updates. In addition, it pays to be aware of how hiding messages are usually constructed. Some examples include:

• You’ve won something that’s worth a lot of money, such as a car, a high-end gadget, or luxury trip, even if you haven’t joined any raffles.
• Your bank account details or payment information need to be updated in order to continue a service or subscription (which you may or may not have).
• Your account has been detected to have suspicious activity and you need to settle it immediately to continue using your account.
• You’re eligible to receive a cash prize or some other form of monetary compensation like rebates from a bank, online store, or the like.
• You’re qualified to receive a gift after you register to become part of an exclusive group.

If you see these things in your emails or texts, be on high alert. They’re not automatically phishing or attempts, but an overwhelming majority are. Stay vigilant and ignore any suspicious messages you receive.

Some other details that might give you a clue that you’ve received a phishing message is the construction. For example, if you’re a loyal customer of a bank, they would usually address you using your name or surname. Meanwhile, phishing attempts usually have general greetings like “Dear Customer.” Take a look at the grammar as well. Legitimate institutions make an effort to be as courteous and professional as possible. Meanwhile, scammers don’t usually care about such details.

Stay Informed

Technology is a double-edged sword. You can use it to protect yourself and ensure your privacy, but it can also be used against you. In fact, as technology develops at a lightning-fast pace, more phishing scams are also being devised by cybercriminals. Thus, make it a habit to stay on top of tech news about the latest scams so you don’t fall for them. Remember: knowledge is power.

Practice Good Internet Usage Habits

Last but certainly not least, protecting yourself from scams means practicing internet safety and security habits. For one, don’t provide personal information to entities that you don’t trust. It’s also better not to conduct any sensitive transactions such as banking through a public WiFi connection, because these are more vulnerable to cyber attacks.

You should also secure any device that you use to access the internet by using antivirus software. For your online accounts, use strong passwords and change them regularly. You should also update your operating system and browsers to the latest versions to make sure that you always have the latest security features active.

No one wants to get scammed out of their hard-earned money, but it’s also true that the bad guys work hard. Fortunately, there are plenty of ways to stay safe. Be smart and arm yourself with knowledge so you can avoid phishing. Start with the things in this list and you’ll be well on your way to having a more secure experience with your online transactions.