Skip to Content
© Michael Truchon |

How to do your banking online without putting your security at risk

Tech is supposed to make our lives easier, right? Instead of having to stand in line at the bank, we can just whip out our phones and fire up an app to move money around. That’s all well and good, but what happens when a hacker jumps into the mix?

Making financial transactions online can open us up to some potentially nasty side effects. If you don’t take proper safety precautions, an enterprising cybercriminal can take advantage of your weak security and crack your accounts right open.

That doesn’t mean online banking is always risky, though. In fact, there are several ways to do your banking online that put cybersecurity front and center. Here are some of the most urgent precautions you should take when accessing your money over the web.

Two-factor authentication: Your keys to the kingdom

It’s no exaggeration to say two-factor authentication is one of the most important security measures you can take. Setting up 2FA creates an additional login step that hackers and cybercriminals won’t be able to mimic easily, effectively protecting your accounts from intruders.

Without access to your phone, there’s no way to grab the login code.

If you access your bank online via an app or web login, 2FA is probably available as a security option. You’ll most likely find it in the password and login settings of your bank’s app. On the web, you’ll find the option under your profile settings.

Your bank will prompt you to provide your cellphone number as part of the setup process. Once you receive a text message code and confirm it, you’ll be ready to go.

From now on, every time you log in you will receive a randomly generated code to ensure you’re the one attempting to access your account. This makes 2FA notifications a sort of security alarm. If someone else attempts to log into your account, you’ll know right away because you’ll receive a message. Tap or click to find more 2FA benefits.

A physical key

Some banks offer something called a physical security token, which acts as another form of 2FA. Instead of using a code texted to you by your bank, you’ll use a special device that interfaces with your banking app. For example, HSBC Bank offers a security device that generates codes for you to enter online.

Since your physical security token is a real-world device, you won’t run the risk of hackers cracking it. It’s also useful because it removes the middle man when you log in.

Not all banks offer physical tokens or keys, so make sure to check with your bank to find out what security features are available.

Beware public Wi-Fi and consider using a VPN

Public Wi-Fi may be convenient, but it’s also a huge risk factor for device security. Many of these public networks have no security or encryption protecting them, which makes them hotspots for hackers and criminals.

If a hacker decides to camp on an unsecured network and sees a device accessing a well-known bank’s website, you might find yourself on the wrong end of a ransomware attack.

When you need to access your bank’s website or app on the go, be sure your phone doesn’t automatically connect to an untrusted Wi-Fi network. Here’s how to temporarily disable Wi-Fi:

On an iPhone X or higher, swipe down from the upper right-hand corner of the screen and tap on the Wi-Fi and Bluetooth icons to disable them. If you’re on an older phone with a home button, you’ll swipe up from the bottom of the screen for these options. Do the same to turn them back on when you’re ready.

On Android, swipe down from the top of the screen two times to open the Quick Settings panel. Alternatively, you can swipe down using two fingers. Tap the Wi-Fi and Bluetooth icons to disable them, and tap them again to re-enable.

Public Wi-Fi networks aren’t the only ones that get compromised. If your router was attacked without your knowledge, you could be putting your bank information at risk every time you log in. Tap or click to find out more about using public Wi-Fi safely.

This is where a VPN comes in. Short for “virtual private network,” a VPN will safely route your internet traffic through another server somewhere else in the world. These servers are often equipped with security systems that protect and encrypt your traffic from prying eyes.

Our sponsor ExpressVPN gives you reliable security for your most important internet traffic, as well as blazing-fast speeds you can rely on. Get an extra 3 months free of ExpressVPN when you sign up at

Who you gonna call? Only the number on your card

If you need technical support, you might be tempted to search for your bank’s phone number on Google. Be warned: Scammers are hoping you’ll make this mistake. They put fake bank phone numbers online so they can sucker you into sharing your financial information.

To steer clear of this trap, rely on the phone numbers issued to you by your bank. You’ll find them on the back of your debit or credit card, as well as in the Help or Support section of your bank’s smartphone app.

If you need help with your money, why chance dialing the wrong number by mistake?

Don’t leave yourself open

Of course, once you’re finished with banking, you’ll want to securely sign out of your accounts so there’s no way for hackers or snoops to get in. Logging out of your accounts is just good practice, and this is especially the case when it comes to your finances.

In your bank’s app or on its website, look for a button that says “log off” or “sign out” before exiting. Some web browsers will keep you logged in after you close the window, and if your browser gets hijacked in the interim, your data is completely exposed.

Once you’ve signed off, close your browser window and make sure the program is closed as well. On Macs, you need to click on the program’s name from the menu bar and click “exit” or “quit” to fully shut the software off. You can also type Command + Q to close any open software.

Never leave anything to chance when it comes to your money. Unless it’s your lucky day in Las Vegas, playing games with your finances will only end in loss.

Komando Community background

Join the Komando Community

Get even more know-how in the Komando Community! Here, you can enjoy The Kim Komando Show on your schedule, read Kim's eBooks for free, ask your tech questions in the Forum — and so much more.

Try it for 30 days