Millions of people become targets of cyberattacks every year. Criminals use various phishing schemes to gather your personal information and gain access to your accounts and financial data. A compromised bank account, especially if it involves a form of identity theft, can cost you dearly.
Prevention and active monitoring are the best ways to prevent a breach of your financial information. Unfortunately, many of us still fall victim to a cyberattack. If you suspect that your credentials have been compromised, take immediate action.
Contact your financial institution
The first thing you should do is notify your bank or other financial institution right away if you notice suspicious activity on your bank account. Also, reach out if you experience loss or theft of physical items such as your debit or credit card, IDs, and passports.
Contacting your financial institution is the most effective tactic to mitigate damage to your financial data. Reporting cyber and physical hacks will allow it to act immediately and freeze your accounts. In addition, reporting those incidents alerts the institution to other possible security vulnerabilities so it can prevent other incidents from occurring.
Verify the hack
Confirm with a verifiable source that your information is compromised. Hackers have been using scarier and more challenging tactics in recent years in which they claim to represent one of your financial institutions.
That recent impersonation tactic is known as "spoofing" and can be hard to detect even to the trained eye. Hackers will take extreme measures in many cases to pretend to be a source that will gain your trust. Business names, email addresses, and even caller ID tags may look legitimate under a spoofing scheme.
Some groups will even set up a phony customer hotline in which they have a person to try to persuade you to share your financial data.
To counter spoofing schemes, be cautious of any unsolicited fraud detection or messaging, especially when the messaging comes from unusual communication channels. Be sure to verify that a data breach is legitimate by contacting the direct customer-assistance hotline listed on the corporate website.
Learn the law
Consumer bank account data breaches are governed by the Federal Reserve Regulation E. Protections covering electronic fund transfers include liability protection for stolen funds.
Victims of bank fraud may still be subject to minimal damages, but those costs are capped at between $50 and $500.
Under the regulation, incidents must be reported in a timely fashion to qualify for federally protected coverage. Generally, the timeframe covers a period between two and 60 days after an incident. Financial institutions are also required to investigate and resolve bank fraud claims within a specified period.
Check your credit
Depending on the nature of the attack, your entire credit history may be at risk. In the short term, criminals who gain access to your credit card account can continue racking up expenses using your identity. Over the long term, unized credit cards or loans opened in your name will hurt your access to credit in the future.
Usually, your financial institution will cancel your credit card if the account is breached. If it has not automatically issued a new one, contact the financial institution to inquire about a replacement.
Another smart strategy is to obtain a free credit report from one of the major credit bureaus to assess any impact on your credit history. You should also monitor that history for fraudulent credit transactions to keep your financial well-being in shape.
Update your security credentials
After dealing with a security incident, you will likely never want to encounter another. In the short term, the best option is to change your login credentials. Keep up to date by following industry best practices when it comes to user access security.
Be sure to incorporate methods such as two-factor authentication and creating complex passwords when opening your digital banking accounts. As mobile banking becomes more popular, some additional security tips include connecting through a virtual private network to gain access directly to the company application rather than through an unsecured web browser on a public connection.
Following these tips and guidelines is a starting point for responding to a suspected attack on your financial data.