Sign On
  • Online Banking
    Sign On Form is Loading

Having the ability to pay for goods and services online without cash or checks makes it easier than ever to complete purchases and conduct bank business. But all that online convenience makes it easier for scammers and hackers to access bank funds online, too.

Hackers are continually coming up with new ploys to defraud unsuspecting victims. Here are some of the latest online banking security vulnerabilities, and ways to counteract them.

Help protect your finances with these five tips on online banking safety and the use of related services.

1. Conduct a Banking Security Checkup

  • Before banking online, find what security features your bank has in place to keep your online account and transactions secure. Be sure that your financial institution has implemented robust, industry-standard security measures such as the use of website encryption and strong sign-on requirements.
  • Also look for the option to use multifactor authentication measures whenever possible. That means that each time you log in, you’ll be required to answer security questions or supply a unique code, sent to you via text or phone call, along with your password. Having this additional security measure helps to prevent unauthorized access to your account, even if someone gets your user ID and password. In the case of security questions, change your chosen questions and answers regularly, do not use information readily available and never share it.
  • If available, make use of biometric identifiers such as fingerprints and facial recognition, as they are an even more secure option for mobile banking.

2. Select Private Networks

  • Use a secured, password-protected network when banking online or when making online transactions to and from your bank account.
  • Don’t log in to your bank account when on public Wi-Fi, such as in a coffee shop, shopping mall or the airport, and don’t make purchases using your bank debit card on these networks either.
  • Instead of public Wi-Fi, you may opt to use cellular data or set up and use a virtual private network (VPN) on your devices. Even though bank transactions are likely to be encrypted, hackers could still attempt to collect your private information and/or intercept your communications.

3. Set Up Fail-Safe Measures

  • Sign up for account alerts from your bank to notify you of large transactions on your accounts or when the balance drops to a certain level. This measure can help you stop fraudulent attacks by giving you the opportunity to alert your financial institution quickly.
  • Keep system and antivirus software on your devices current to help prevent being affected by the latest security risks.

4. Monitor Your Account

  • In addition to receiving alerts for suspicious activity, you should regularly check your account balances and monitor your transaction history to be sure you recognize all activity.
  • Contact your bank and change your password if you notice something strange. Be sure to act fast: If you see fraudulent charges but wait more than a couple of days before reporting them, then you could lose out on some reimbursements.

5. Be Smart When Using Digital Wallet Apps

The rise of peer-to-peer (P2P) payment apps like Venmo, PayPal and Zelle® make it easier than ever to conduct transactions using funds from your bank account. But, while these applications are linked to bank accounts and credit cards, many times they don’t carry the same financial protections.

The biggest security risk of P2P services is that they’re designed for exchanging funds between people who know and trust each other. They also may not be intended for payments to businesses and may carry little to no protections for buyers and sellers. Once the funds change hands, it can be difficult to get payments reversed. As such, they open additional avenues to hackers.

  • Here are some of the limitations that can work to hackers’ benefits:
    • If buyers pay sellers but sellers don’t deliver the goods sold, then there’s no way for the buyer to get their money back.
    • Should one of the parties try to dispute a payment made in error, it can be difficult to get the service to reverse it.
    • If a purchase is made with a stolen credit card, then those funds can be removed from the seller’s account by the credit card company, exposing the seller to losses.
  • To protect yourself from P2P fraud, be aware of the fine print around P2P payment apps and when it may be appropriate to use a different form of payment:
    • Only use P2P apps when exchanging funds with people you know and trust. You can report the incident to the P2P service if you believe you were scammed, but assistance varies by service. You can also report scams to the Federal Trade Commission and to the Better Business Bureau.
    • When sending money, always verify the username and contact details to be sure you’re dealing with the right individual and not an impostor.
    • Keep P2P apps up to date, as hackers are notorious for exploiting unaddressed security issues.
    • Don’t allow strangers to use or borrow your cellphone, as that could be an attempt to get to your P2P account.
    • If the P2P app offers a transactions feed where users share information about their transactions, then consider keeping your feed private. Hackers can comb through this information to get more details about you and the purchases you make.
    • Don’t use a P2P app to pay for business transactions unless the seller has been specifically authorized to accept those payments.
    • Choose a payment option that offers buyer and seller protection if you don’t know the buyer or seller, such as PayPal, cash, checks and money orders.

The convenience of online banking means these services likely are here to stay, even as bad actors continue to search for unsuspecting victims. By being aware of the most common tactics, you can help safeguard your finances when banking online and minimize the risks you face.

This material is presented for informational purposes only and should not be construed as individual tax or financial advice. KeyBank does not provide legal advice.

By selecting any external link on, you will leave the KeyBank website and jump to an unaffiliated third-party website that may offer a different privacy policy and level of security. The third party is responsible for website content and system availability. KeyBank does not offer, endorse, recommend or guarantee any product or service available on that entity's website.

Call Us


Clients using a TDD/TTY device:

Clients using a relay service:

Schedule an Appointment

Talk to a Branch Manager in your neighborhood.

Schedule an appointment now

Find a Branch or ATM