Protecting Your Finances: 7 Tips for Enhancing Your Online & Mobile Banking Security

If you follow the news about money scams at all, then you know that fraudsters and thieves always seem to keep up with innovations in security. It’s difficult to stay ahead of them but you’ve got to try if you want to protect your finances.

Here at Addition Financial, we spend a lot of time thinking about online and mobile security and how we can protect our valued members. That’s why we’ve created this guide with seven tips to enhance your online and mobile banking security.

What Are the Risks to Your Mobile Banking Security?

Let’s start by looking at some of the biggest and most common risks to your mobile banking safety.

Unsecured Networks

We’ve all been in the position of being away from home and asking for a Wi-Fi password. It’s one thing to do that at a friend’s house where the network is private. It’s another thing entirely to access your mobile banking application on a public Wi-Fi network like the one at your local Starbucks.

If you log into your mobile banking app (or use the browser on your phone or tablet to access your account) then you’re putting your account at risk. Anybody else on the network might be able to capture your password and other sensitive data and steal your money. If you must use public Wi-Fi, we recommend that you use a VPN to stay safe while browsing.

Outdated Operating Systems

When was the last time you updated the operating system on your phone? Providers send out notices about updates but there are many people who ignore them because they appear at an inconvenient time.

The trouble with skipping updates is that they often contain security patches that have been designed to address specific threats. If you don’t update your OS every time it’s required, then you run the risk of someone accessing your phone as a result.


Mobile users often fall victim to phishing scams that appear to be messages from mobile banking apps. Scammers sometimes send texts that are designed to alarm the recipient into thinking someone’s using their bank account to purchase high-ticket items. Or they may send a text that looks like it’s from a financial institution alerting the recipient to a fraud on their account.

Either way, clicking on an embedded link leads the recipient to a spoofed website where they’ll be prompted to enter the user name, password and other personal information that the scammer can then use to access their account.


This last item is one that covers an array of possible threats to your mobile banking security. Malware is a term that refers to any application or software that isn’t what it seems to be. We’re all accustomed to downloading apps onto our smartphones and tablets and we rarely read the fine print.

If you download malware, then you might be giving someone access to all the data on your phone, including your mobile banking app and personal information. You should never download any app that you haven’t verified.

What Are Common Online Banking Scams/Frauds?

There’s a lot of overlap between mobile and online banking scams and frauds, but it’s important to cover everything. Here are some of the most common scams and frauds related to online banking.

Identity Theft

Identity theft is the worst kind of financial fraud because it doesn’t only target your bank account. It targets your identity both off and online and it can take a lot of time and effort to repair the damage.

People may steal your identity using a variety of methods, including spoofed financial institution websites and phone calls. If you’re unsure about a request for personal information, don’t reveal anything. Instead, contact your credit union or bank directly.

Phishing Scams

Phishing scams are as big a risk for online banking as they are for mobile banking. Scammers may send emails hoping you’ll click an embedded link. They may even call you to ask for personal information.

We’ll talk about some ways to spot phishing scams later, but in general, we suggest taking a skeptical approach to any unexpected communication. 

Computer Viruses

Computer viruses can be delivered in a variety of ways. You could click on a malicious link, download malware, or even click on an innocent-looking ad on your Instagram feed. Any one of these things could include a virus.

Some viruses to be aware of include ransomware, where a bad actor holds your data captive and demands a ransom to return it. Viruses can scrape information, including online banking passwords, from your computer.

Donation and Purchase Scams

Not all online banking scams target your bank account directly. There are a lot of people out there who entice web users with fake charity scams or fake shopping scams, getting access to their credit card or debit card information in the process.

It’s always a good idea to be wary of solicitations you receive online, even if they appear to be from a reputable source. Once you’ve provided a scammer with your credit card or bank account number, the process of undoing the damage becomes a priority.

7 Tips to Protect Your Finances Online

The good news is that there are plenty of things you can do to boost your mobile and online banking security. Taking these steps will help you keep your money safe and avoid being taken in by the most common banking scams. Here are seven ways of protecting your finances.

#1: Use a Strong Password

The first security measure we recommend is using a strong password for both your online banking account and your mobile banking app. A weak password can be cracked quickly. According to this chart, anything under 10 characters that uses only lowercase letters or only numbers can be cracked in less than an hour.

The best option is to choose a password that’s at least 12 characters long and includes a mix of uppercase and lowercase letters, numbers and special characters. According to that same chart, a password with these characteristics would take 34,000 years to crack. If you have trouble remembering your passwords, you could structure your passwords in the form of sentences so that they are easier to remember, but still hard to crack, such as "I A+e V@n!ll@ !c3 cream Today!"

#2: Enable Multi-Factor Authentication

Every financial institution now offers account holders the option to opt in to multi-factor authentication. Multi-factor authentication or MFA requires users to enter a password plus a second form of identification to access their accounts. Some examples of MFA include the following options:

  • Biometric scan, usually a fingerprint scan
  • Texted code, where the financial institution sends a code to your phone that you’ll need to enter to continue
  • Emailed link, where your credit union or bank sends an email to verify your identity
  • Passkeys, which is a unique digital credential that's tied to a user account. These are designed to be more convenient and secure than traditional passwords.

Enabling MFA makes it exponentially more difficult for anyone to access your account without your approval.

#3: Enable Push Notifications or Email Notifications

Another way that credit unions and banks protect their account holders is by sending notifications when there’s suspicious activity on an account. Examples of suspicious activity might include:

  • One or more unusually large purchases
  • A purchase in an unusual location
  • A log-in attempt from a new device
  • A password change

When you enable push notifications, you’ll always be aware when something unusual happens on your account and you’ll be able to take action quickly. The same is true for email notifications.

#4: Credit Freezes and Locks

If you’re worried that your online banking security has been compromised or if you just want to make sure that it isn’t, you may want to consider a credit freeze or a credit lock. There are some important differences between the two.

A credit freeze is the best option if you suspect that your information has been stolen. You can put a freeze on your credit reports for a full year for free. You’ll need to contact the three major credit bureaus (Equifax, Experian and TransUnion) separately. You’ll be given a PIN to unfreeze your accounts, and you’ll need to keep that in a safe place.

A credit lock is a paid service that you can get through the main credit bureaus. With a credit lock, you can keep your credit safe at all times. You’ll need to log in using your computer or mobile device to unlock your credit if you’re applying for a new credit card or a mortgage, but you’ll have peace of mind that nobody can negatively impact your credit.

#5: Keep Your Phone Locked 

The easiest way for someone to get access to your mobile banking app is by picking up your phone. If your phone is unlocked, it becomes that much easier for them to access your information—and that includes peer-to-peer payment apps like Venmo and CashApp, where there’s no protection if you send money to the wrong person.

You should never leave your phone unattended. We suggest getting in the habit of locking your phone at all times when you aren’t using it. Make sure you use a difficult-to-guess PIN and enable fingerprint or facial recognition authentication. These things will make it impossible for someone to access your accounts directly from your phone.

#6: Learn to Recognize Phishing Scams

Phishing scams are common but you can learn to recognize them. Here are a few red flags that can help you identify a phishing scam:

  • An unfamiliar URL: Hover your mouse over a link to see the URL it leads to. Compare it to the URL of your financial institution and don’t click if it doesn’t match exactly.
  • Unusual greetings: Familiarize yourself with the greetings your financial institution uses–for example, Hi FirstName–and ignore any email or text that uses an alternative.
  • Spelling and grammar mistakes: A lot of scammers have terrible spelling and grammar, so if you get a text or email that isn’t well-written, be suspicious.
  • Alarmist wording: Scammers want to scare you into giving them your information, so be wary of anything that makes it sound like your account’s on fire.

If you notice anything suspicious, don’t click on the link. Instead, log into your online banking or mobile banking app and look at your account directly. You can always call your financial institution if you still have questions.

#7: Don’t Use Unsecured Wi-Fi

Our final tip relates to something we’ve already mentioned. It’s easy to lose sight of the security risks associated with using public or unsecured Wi-Fi to access your online bank account or mobile app.

If you must access either while you’re away from home (and not in the home of someone you trust), turn off your Wi-Fi and use mobile data instead. That way, you won’t need to worry about someone accessing your information when you log on.

Protect Your Money with Addition Financial

There’s no denying the existence of threats to your online and mobile banking security. It’s your responsibility to take appropriate steps to protect your finances. The seven steps we’ve listed here can do a great deal to enhance your security and protect your hard-earned money.

Are you looking for a credit union that prioritizes online and mobile security? Addition Financial is the solution! Click here to read about the benefits of membership and open an account today.

The content provided here is not legal, tax, accounting, financial or investment advice. Please consult with legal, tax, accounting, financial or investment professionals based on your specific needs or questions you may have. We do not make any guarantees as to accuracy or completeness of this information, do not support any third-party companies, products, or services described here, and take no liability or legal obligations for your use of this information.