How to protect your hard-earned money from hackers
February 19, 2019
6 minutes to read
Would you ever dream of waving a wad of banknotes when you are out and about? Would you ever share your bankcard codes with your colleagues? Would you put your safe out in the garden? The chances of you ever doing something like that are fairly small, but the risk of being taken tricked online is anything but small. In the first 9 months of 2018, hackers snatched away 5.51 million euros from Belgian bank accounts. By comparison, in the entire year of 2017, just one year earlier, this was 'only' 2.52 million euros.
Hackers are always trying to get hold of your username, password and financial information. They usually do this with fraudulent emails in which they pretend to be your bank. These emails tend to be drafted in the same style as those from your bank. That is exactly why they are extra treacherous. Sometimes the fraudsters use a combination of different techniques. In that case, you will receive a letter or email that is followed up by a phone call, a text message ('smishing'), a WhatsApp message or a message via social media.
Hackers are creative and often use a wide variety of tricks to get their hands on your money. So what is the recipe to outsmarting them? You can learn to recognise their malicious practices and you can take precautions to outsmart them.
How to recognise the warning signs
- The email or letter will often say that you need to take action quickly if you want to avoid 'your bankcard, account or app to stop working or being blocked'.
- You will be asked to provide your secret codes and/or the numbers of your bankcards or accounts in the email. The email may also contain a link to a fake website or online banking page. There you will be kindly requested to fill in your details.
- 'Your security comes first'. 'We want to guarantee your online security.' Hackers often put (excessive) emphasis on their 'concern' with your security.
- Incorrect spelling or poor syntax may also indicate that the email was written using machine translation. Errors in the formatting or logos are also a sign of hackers.
- Someone from 'Microsoft', 'Google', 'Keytrade Bank' and so on may ask you to log in by phone or by email. Such fraudsters will often play busy office or help desk sounds in the background to give you the impression that you are talking to a reliable partner.
- The sender's email address often has nothing to do with your bank. An email about your bank account from email@example.com is easy to spot, but sometimes the email address format is only slightly different or just a tiny difference is used to cause confusion: firstname.lastname@example.org and email@example.com are not the same as firstname.lastname@example.org
- When you log on to keytradebank.be, always check the web address carefully. It always starts with https://. Make sure the letter S is there in https. If you see http:// without the S, the connection is not secure.
How to avoid being hacked yourself
- Use the latest version of the operating system for your computer (Windows, iOS and so on), smartphone or tablet. Also download the latest security software and check that you have the latest version of your internet browser. Make sure that your antivirus software and firewall are up-to-date.
- If you are working with a wireless connection (using Wi-Fi), make sure that the connection is secured with an access code. Avoid using public computers (for example in a library) to do your online banking. These computers may be infected with a virus that will endanger the security of your transactions.
- Never give anyone permission to take control of your computer, even if that person is supposedly working for Keytrade Bank. Never log in at the request of someone you don't know.
- Never give your bank codes when requested to do so in an email, text, pop-up notification, on social media, by telephone and so on. Never send your bankcard to anyone. Keytrade Bank will never ask you to do this.
- Never answer any email messages that promise you large sums of money or that ask you to carry out an international transaction for someone. Be very vigilant if you are asked to deposit money in the context of a competition.
- Always check that the web address contains the correctly spelled name of your bank. The address must always be preceded by https:// and not just http://. Always enter the address of your online banking website yourself (or add it to your favourites) and do not use any links from other websites or email messages.
- Always make sure that your session follows the normal procedure. Keytrade Bank will always ask you for the same authentication information at the start of each session. Transactions should never take significantly longer than usual. Important changes to the Keytrade Bank website are always announced in advance.
- If you need to move away from your screen, close your online banking session. Always close your session by logging out.
- Do not visit any other websites while you are doing your online banking. Do not share any files with other users while you are doing your online banking or investments.
- Only buy from reliable websites that release their identification details. Make sure to verify that the website shows the company's name and details. As with online banking websites, the address should be preceded by https:// and not just http://.
- Only validate your payment order if you were expecting it or if you requested it yourself.
- If in doubt, stop the transaction immediately and contact us on +32 (0)2 679 90 00, particularly if the process to sign the transaction is different from the normal process.
- Regularly check your future transactions that were already registered.
What if you inadvertently clicked on a suspicious link?
- Immediately close the web page or pop-up notification.
- Call us on +32 (0)2 679 90 00.
- Have your bank cards blocked
- Check your transactions and bank statements.
- If you think that you received a phishing message, forward it to email@example.com. Also forward the message to firstname.lastname@example.org of the Centre for Cybersecurity in Belgium (CCB).