What Happens If Your Bank Account Is Hacked? What happens if your bank account is hacked? Are you liable or is your bank? We have the answer, along with some tips how to keep your money safe online. hack bank
As society’s reliance on technology grows, especially for things like banking, we will continue to see more and more issues with account hacking.
Whether on a large scale–such as the recent $10M theft from banks in the U.S. and Russia–or small, data breaches are becoming increasingly prevalent.
So, what happens if your bank account is hacked?
How Big is the Problem?
According to the Identity Theft Resource Center, hacking was responsible for a whopping 59.3% percent of the total data breaches in 2017.
This number has grown significantly each year (up from 14% in 2007 and 27% in 2012, for instance). It shows no signs of slowing.
It’s concerning enough to think about our email accounts being breached or
our personal data being compromised through physical theft of personal documents.
However, when we consider the impact of our checking or savings accounts
being hacked–and even emptied–the fear increases exponentially.
This may even lead some to think about pulling their money out of financial
institutions, opting instead a more personal, less-likely-to-be-targeted solution.
However, that might not be the best option.
While there are many reasons to reconsider doing business with large financial institutions, the threat of a cyber attack shouldn’t be one.
Those who see the potential for this kind of data breach as a reason for not doing their financial business over the internet are over-reacting.
Of course, that’s little comfort in the face of fear.
Let’s take a look at exactly what happens after your bank account is hacked,
and why you shouldn’t be scared to bank with an online institution.
Banking Deal: Earn 1.85% APY on an FDIC-insured money market account at CIT Bank.
You Probably Won’t Lose Your Money
You may not know this, but the banks are actually liable for any stolen
funds as a result of cyber crime.
Non-business Customers should not lose money, as long as they notify their banking institution of the fraudulent transaction(s) within a reasonable period of time and took steps to safeguard their account information.
This is all thanks to Regulation E, a guideline established by the Federal Reserve to protect electronic funds transfers (ETFs).
According to Reg E, banking customers are only liable for up to $50 in losses if they notify their bank right away (typically, within 2 days of receiving the statement with the fraudulent charge).
If they wait up to 60 days, their lost funds are still limited–losses are capped
at $500–and the bank carries most of the liability.
However, if customers wait beyond 60 days to notify their bank of any fraudulent charges, they may be liable for the full amount stolen.
The takeaway here?
You’re still protected as a personal banking customer, even against cyber
threats, as long as you stay on top of your account activity.
Of course, you should be doing this anyway, but thanks to the Federal
Reserve, your losses are largely capped even if you’re the unfortunate victim of bank account hacking.
Banks Are More Prepared than Ever hack bank
Banks are hit by cyber attacks every single day.
As a result, they are becoming more adept at preventing breaches of security, and are implementing cutting-edge protocols and software to prevent such attacks from being successful.
It’s important to remember that only the big attacks hit the news.
Banks are bombarded by security threats all day every day, and their
systems are improving exponentially for detecting and dealing with these problems.
You Can Help Protect Yourself hack bank
While some breaches happen on a much larger scale, many of them
originate by an individual having his or her personal data compromised.
In today’s world of WiFi hotspots and coffee shop internet, it’s even easier for hackers to gain access to our accounts.
Luckily, it’s fairly simple to ensure your account is not vulnerable to this particular attack.
When using a public internet connection – whether at the airport, in a coffee shop, or even at your kids’ after school gymnastics practice – avoid logging in to important personal accounts.
Browsing the web is fine, but don’t enter personal information like your bank account login or even email password while on a publicly-accessed connection.
Also, when logging into your bank account online, most banks allow you to “remember your computer.” This allows you to bypass a few added security questions the next time you log in, but makes it easier for cyber threats.
Hackers can spoof your IPv4 address or even use malware to hijack your computer, so you don’t even know it’s accessing your bank account.
It’s a good idea to always disable the “remember your computer” feature. While it makes logging in a bit more of a pain, it’s much more secure in the end.
Keep an Eye Out for Spoofs hack bank
Even the most technology-savvy folks can be fooled by today’s advanced social engineering.
Keep a close eye on everything you open and click on, to ensure that you’re not their next victim.
Email programs have become very adept at filtering out spam most of the time. However, they’re not foolproof.
You may still see emails that look very much like they are official, coming from your bank or even Paypal, asking you to visit the website and confirm some piece of financial information.
In reality, the “bank’s website” is actually a hacker’s website, designed to look identical to the official site.
Never enter your password or any other identifying information on a website that you’re accessing over an insecure connection.
Internet browsers now even identify the security certificate.
So when you’re visiting a secure website that’s supposed to be operated by Chase, you can verify you’re safe.
Click the security icon in your browser’s address bar for more information. Here is a screenshot of what that looks like with Chrome.
When dealing with suspicious emails, you can even nip spoofs in the bud.
Simply click on the sender’s email address if you receive a message requesting information, to see if it truly came from your financial institution.
If you have any doubts, forward the message directly to your bank’s customer service department and get their confirmation.
You can make your passwords as long and as random as you like, but the complexity of a password is irrelevant if you hand it to a criminal willfully.
Safer Alternatives Don’t Exist hack bank
I’m sorry to break the news to your sweet grandma, but stashing money under your mattress is much less safe than giving it to the bank.
When you don’t like dealing with banks because you already believe that these corporations are evil, fear-inducing stories about recent hacks or cyber theft prevalence are particularly resonant.
News of major security threats seem to confirm the skeptic’s opinion that money is only safe when it’s cold, hard cash…
not bits in a bank’s computer.
However, the threat of your money being physically stolen is much more serious than it being digitally stolen.
Your house being robbed and criminals being able to find your hidden bills or walk away with your safe is much more likely than losing money due to cyber crime.
Plus, as we mentioned before, you have methods of recourse if your bank account is compromised.
Thanks to Regulation E, your stolen personal funds are protected by-and-large, as long as you notice the theft and alert your bank in a timely fashion.
If someone walks out of your house with a coffee can full of bills, you’re simply out of luck.
Should You Worry?
While news of past attacks and the threat of future ones is scary, the truth is that the banks will know before you do.
Often times, these institutions (and their advanced cyber security teams) solve the problem before the media even mentions the threat.
Federal law requires that banks are liable in the event of a security breach.
There is no bank that wants to be liable for a potentially large amount, so the companies have a very strong incentive to be very proactive and protect their customers.
Banks are easy to criticize, for a number of other reasons.
However, security is one area where the needs of the customers, shareholders, employees, and executives are completely aligned.
Does news of cyber attacks change the way you feel about banking online?
Has Houseparty really hacked your phone and stolen your bank details? hack bank
If you’re at home right now – and who isn’t? – then you’ve probably heard of Houseparty.
It’s a social networking app that came out back in 2015 and was bought by Epic Games – famous for Unreal and Fortnite – in the middle of 2019.
The name gives you a good idea of what is does: simply put, you go online, hang out and other members (players?) can join you in your “room” and engage in face-to-face chat, or as close to face-to-face as you can get in a virtual world.
Think of it as a multiuser video call that friends and family – or, indeed, anyone, if that’s your thing – can wander in and say, “Hi.”
As the app makers themselves put it early last year:
We’re the face-to-face social network bringing friends together for live video hangouts. Now, with the Heads Up! game available in app, we’re introducing a new way for users to spend time together.
Houseparty only works when people are online together. There’s no liking, commenting, or scrolling. Instead, the Houseparty experience brings empathy to online communication by requiring in-the-moment conversations and facilitating casual “drop-ins” from friends.
Imagine a video calling service, like Zoom or Skype, but without calls and conferences and meetings – it’s like arriving at the pub to see who’s there, rather than booking a table at a bistro and meeting a specific group who have all agreed to the time and place.
And, as Houseparty noted in the same article, given that the North American winter was in full swing at the time:
Whether snowed in, away from home, or just too cozy to leave bed, here’s another way to bond with your closest friends when you can’t be together!
For “snow” read “coronavirus lockdown” and you can understand why the app has become hugely popular in the last few weeks, as people try to maintain a social life of sorts when they aren’t allowed out to meet other people at all.
Has the party gone wrong?
Well, the Houseparty team have suddenly been turned into the bad guys, with breathless comments on other social networks warning you to stop using the app right away:
If anyone is using that house party app DELETE IT My friends email account been hacked into by it And managed to get bank account details too and has hacked that. I've seen a few other people saying this too on twitter. I also keep getting dodgey emails. Just a warning x
Is there any truth in this?
To be honest, we can’t tell you that the Houseparty app is bug-free, because we haven’t decompiled or analysed it, and even if we had, working out that an app is totally free of vulnerabilities is a close-to-impossible exercise, as are many tasks where you are expected to prove a negative.
But the claim in the post above is not that there’s a bug that’s being exploited in the app.
Instead, to us the post seems very clearly to imply that that Houseparty is a rogue app that is actively breaking into every part of your digital life and plundering it in a determined burst of criminality.
And as unlikely as that sounds, and for all that Houseparty itself has stated this…
..there are pages of counter-tweets insisting that…
BOYCOTT HOUSEPARTY, just found out that's how my Spotify was hacked and how many others are being hacked on various things DELETE HOUSPARTY!!!!! They are hacking into spotifys, snapchats and even online banking!!! Didn’t realise what was happening when i got these emails but is 100% that houseparty app!! Three new logins to my spotify and someone tried to reset my password for netflix!! hack bank Not worth it the risk
Well, here’s the thing.
There’s one thing missing in all of these aggressive!!! and SHOUTY!!!!! claims, and that is evidence.
At the moment, we don’t know what kicked off the storm of accusations, but Houseparty says [2020-03-31T03:21Z] it is “investigating indications” that the whole thing started as a smear campaign, to the point of offering a huge reward for proof:
But could a security bug in the app or a breach on Houseparty’s own servers have a knock-on effect by which other hackers – not Houseparty itself, but opportunists elsewhere – could break into your other online accounts?
In theory, yes, assuming that you used the same password on your other accounts so that your Houseparty password would effectively be a master key for all of them.
You have to type your password into the app at least once when you set it up, so your keystrokes are revealed to the app, from which it is at least theoretically possible they might leak – though your keystrokes would also, in theory, be revealed to other apps active on your phone at the same time, including malware running in the background.
And any online service that has user accounts needs to maintain a user database by which it can verify passwords, so a server breach could, in theory, expose that database to a hacker.
Note that very few online services actually store the text of your password – they store what’s called a hash of the password that can be used for verification instead.
For the technical details of how this works, see our article Serious Security: How to store your users’ passwords safely.
So, crooks who steal a password database – and there is no evidence that happened here at all – can’t directly read out the passwords, but they can try to crack them one-by-one using trial-and-error, which sometimes lets them figure out a few passwords, usually those that are shortest and most likely to be tried first.
The problem is that none of the Twitter comments we’ve seen so far give any credibility to these explanations, let alone providing evidence that Houseparty is itself implicated in any hacking.
After all, if you use the same password on all your accounts – and some people who are accusing Houseparty are at least admitting that they did just that – then any phishing attack against any of your accounts would expose all of them.
Ironically, for all we know, some of the “look, someone hacked my Netflix account after I started using Houseparty” screenshots on Twitter might themselves be phishing attacks in which the crooks send you a fake Netflix notifications to trick you into revealing your password.
And that’s the trouble here, namely that however this Houseparty accusation fiasco started, the insistence to close your account and delete the app is simply not useful advice on its own, and is likely to leave you with a false sense of security even if you do so.
What to do?
A few calm voices on Twitter are asking the obvious question, which is:
where's the evidence it was from houseparty? How do you know this had happened because of house party tho?
That’s a vital point to consider, and not just because it’s the ethically correct thing to do.
After all, if any of this “hacking” behaviour is not down to Houseparty, which is a mainstream app published by a well-known software company in Apple’s and Google’s official online stores…
…then deleting the app and feeling virtuous about closing your account is not going to help you, because you will still be at risk but will think you aren’t.
Our advice is simple:
- Don’t accuse Houseparty or Epic Games of malfeasance without strong evidence. The fact that lots of people repeated the same condemnatory text on Twitter proves nothing. If you aren’t part of the solution then you are part of the problem.
- Don’t assume that deleting Houseparty will fix your problems. The idea that all the listed symptoms above might suddenly appear on account of a single app has to be considered extremely unlikely, in which case removing the app will leave you at risk when you think you are safe.
- Do visit the Houseparty settings and decide how open you want to be. Do you want your rooms to be “locked” so you meet new people by invitation only? If not, or if you are scared of the app because trolls have been wandering into your online life, consider dialling back your openness rather than deleting the app but not changing your behaviour. Go through the same exercise for all your social media accounts.
- Do turn on 2FA (two-factor authentication) for any online accounts that support it. Don’t make it easy for someone who steals your password – which is more likely to happen via phishing that in any other way – to login to all your accounts and take them over.
- Do change passwords and watch financial statements carefully if you think your accounts have been hacked. Whether you think a specific product is to blame or not, just removing one app from your phone is not enough to “unhack” accounts that have already been taken over.
- hack bank
We’ll update this article if we learn any more genuine information – until then, please don’t blindly repeat other people’s unsubstantiated claims, because you can’t make something true simply by saying it over and over again.