Are online banks safe? (2024)

The rapid rise in online banks over the past decade has been good news for bank customers, as they now enjoy higher savings rates and lower fees than they used to. But online banking has also led to an increase in the frequency and sophistication of cyberattacks on the financial and banking industry.

We receive compensation from our partners for Featured Offer placements, which impacts how and where their offer is displayed.

Featured Offer

Axos Bank Rewards Checking

Monthly maintenance fee

The risks of online banks

The biggest risk of online banks is that someone will access your savings or checking account and steal your information and money. This typically happens when your account is hacked by cybercriminals who get your username and password. However, these risks are not limited to banks that operate exclusively online. They also occur at banks with both a digital platform and branch locations — which is basically all banks.

Doing any kind of business online has risks, whether it involves banking, shopping, paying bills or transferring money. A 2023 report from the FBI found that its Internet Crime Complaint Center had 800,944 complaints reported in 2022. These crimes caused over $10.3 billion in losses. The dollar amount was up by 49% from the previous year.

Online bank accounts are an especially inviting target for cybercriminals because they not only hold money — they also hold personal information that can be used for other crimes, such as identity theft. This applies to both web-based banking and mobile banking.

Steps for secure online bank account setup

The first step to setting up a secure online bank account is to choose a strong and unique password. Don’t use your name, birthdate or any other identifying information and don’t use obvious passwords like ABC123.

Most banks will let you know the strength of your password after you enter it the first time. If the bank determines that it is weak, keep trying new ones until you reach the desired strength. This usually involves a combination of upper- and lower-case letters, numbers and symbols.

Here are some other steps you can take to ensure better security:

Use multifactor authentication: Your bank might require that you take more than one step to access your account, such as being sent a unique code to your phone.

Keep your tech updated: Doing updates on your computer and phone will help keep those devices secure. Updating your bank’s mobile app occasionally will also help keep your bank information secure.

Sign up for bank alerts: These alerts let you know when transactions hit your account, this will help you catch any suspicious activity right away.

Technologies and security at online banks

The safest online banks and credit unions use cutting-edge tools and technology to protect your money and identify and prevent unauthorized access to your accounts. Standard security measures used by online banks include the following:

Antivirus protection
Firewalls
Fraud monitoring
Website encryption
Multifactor authentication
Automatic sign-out or time-out

Before opening an account, check the bank’s website to find the security tools it has in place.

Common online banking security threats

Cybercriminals keep coming up with new and inventive ways to steal online bank information and money. Here are some of the common threats:

Phishing

With phishing, cybercriminals use disguised emails, websites or other official-looking communication methods to trick consumers into providing personal or financial information. For example, phishing fraudsters often send emails disguised as official bank correspondence to get you to reveal information such as your account number or Social Security number.

Ransomware and malware

During a ransomware attack, cybercriminals lock banks and customers out of their computers by encrypting them with malware. The bank will need to pay a ransom to get access back. These attacks are among the most dangerous threats in recent years and can only be prevented through more advanced bank cybersecurity tools.

Distributed Denial-of-Service (DDoS) Attacks

DDoS attacks involve overwhelming a bank’s server with fake connection requests that force it offline. Banks are common targets of DDoS criminals because there are so many different areas of attack, including IT infrastructure, customer accounts and payment portals.

Cloud-based Cyber Attacks

Software systems and data are increasingly being stored and enabled in the cloud, including at banks. This means there has also been a rise in cybercriminals using cloud-based attacks to access sensitive information such as passwords and bank account numbers.

Safety tips for managing your online bank account

Online banks can only do so much to protect your information and money. The way you manage your account also plays a big part in keeping your information secure. As mentioned earlier, this includes creating strong passwords, using multi-factor authorization and signing up for security alerts. Here are some other steps you can take:

Don’t bank online using public Wi-Fi networks: Hackers can set up their own public Wi-Fi and give it a legitimate-sounding name. Connecting to this Wi-Fi exposes your information to cybercriminals.

Only provide personal or account information when you initiate contact: If someone reaches out to you requesting this info, don’t provide it. Whether the request is in an email or over the phone, either call the bank yourself or log into your online account and contact the bank from there.

Review your account activity regularly: This will ensure that you spot unusual activity when it occurs. If you see something, contact your bank immediately.

Online vs. traditional banking safety

Because just about all traditional banks offer online and mobile banking options, they have adopted many of the same tools and technologies as online-only banks.

One difference is that online-only banks don’t have to provide security at physical branch locations. This cuts down on risk as that is potentially thousands of buildings and employees that don’t exist. Not only tellers and bankers but also maintenance, cleaning crews and other customers that don’t have access to bank computers and documents.

No matter which online bank you are considering, research its cybersecurity program to make sure it is on par with other banks.

The future of online banking security

Online banking security is a constantly evolving process that requires a steady stream of innovations and new technologies to stay one step ahead of cybercriminals. Traditional security systems can quickly become obsolete.

The future of online banking security will likely include more biometric information, such as facial recognition and fingerprint access requirements. Fraud detection is also likely to improve as AI becomes more ubiquitous, enabling banks to catch suspicious activity more quickly.

Frequently asked questions (FAQs)

Yes, just about all online banks provide FDIC insurance of $250,000 per depositor, per FDIC-insured bank, per ownership category. But note that FDIC insurance doesn’t protect against fraud, it protects against bank failure.

If a bank goes out of business, the FDIC insurance will cover any funds the bank is unable to return to customers. Fraud protection is managed by the bank itself.

A very common scam is phishing, in which cybercriminals use disguised emails or domains to trick consumers into providing personal or financial information.

Another common scam is sending someone a check for more than what is owed and requesting a return of the excess money. The victim returns the funds, but then the original check bounces.

With encryption software, banks secure your transactions and personal information by converting it into code that only your bank can read.

Online banking is generally safe and not easy to hack — as long as you take the right steps to protect your information. This means setting up strong passwords and changing them frequently, and using additional tools like two-factor authentication to give yourself an extra layer of protection.