Crooks may use your name and SSN to buy cars that they sell overseas.
Banking is more convenient than ever before. Today's banking apps are packed with features that allow you to perform any kind of transaction imaginable. But is all this power is coming at the expense of data security? As with all parts of the financial space, caution is essential.
Identity theft and banking have gone together for years. A cybercriminal's endgame when using stolen data often involves opening a credit card or bank account in a victim's name. Furthermore, financial data is among the most attractive prizes for identity thieves because of all the usable details it contains. A data breach involving bank account information represents a massive risk.
Banking Apps Can Prove Vulnerable
When you consider the clear risk associated with losing financial data, it's worrying to see what vulnerabilities pop up in the code of popular banking apps. Threatpost recently highlighted academic research presented at the Annula Computer Security Applications Conference that found a potential path for data theft. A flaw in many popular banking apps allows attackers to perform what is called a "man-in-the-middle attack," in which the hacker imitates a trusted server and intercepts personal information.
The apps in question didn't verify the hostnames they were connecting to, so criminals could create bogus security certificates and dodge the verification process. This process usually happens when a user connects to a Wi-Fi network. A criminal on that same network will redirect the app traffic and convince the app to give up data. The banks whose apps possessed the flaw have since patched their software, but the emergence of the problem shows the risk associated with mobile banking.
Unsafe Behavior Matters Too
While apps sometimes spring data leaks, their code may not be their biggest risk. According to U.S. News and World Report, poor decisions regarding online banking can be just as damaging as ingrained app flaws, even more so. As Hotspot Shield's Robert Siciliano told the news outlet, there are plenty of risky behaviors exploited by criminals today. App users have become the "path of least resistance" for data theft.
An oversight as simple as picking a weak password or not passcode-locking a mobile device could lead to fraud. A stolen phone quickly turns into a treasure trove of banking data. Using techniques such as two-factor authentication can help keep data secure, even if a device gets out of your control.
Matt Meyer, chief intelligence officer for BrightStar Credit Union, told U.S. News that apps not directly associated with banks pose their own kind of threat when consumers link them with their debit cards. These third-party apps can become paths into bank accounts and should instead be linked to credit cards. Criminals are less likely to misuse stolen credit data than debit data.
Komando.com urged consumers to check their bank accounts often. Today, financial services offer features such as text-based alerts. These may seem superfluous at first, but when something is wrong with your finances, it pays to know as quickly as possible. Though banking has become quicker and easier than ever before, it doesn't pay to become too casual or careless about money.
Awareness is Valuable
An account breach can be devastating if it's left unaddressed for too long. Since the mobile banking era has given criminals new ways to access data - Wi-Fi hacking, device theft and more - it's worth setting up new systems that will keep you aware of any illicit activity. Your response speed may determine the damage suffered in a breach.
Get Identity Guard today to set up an essential early warning system around your data.