Protect yourself from mobile-banking app scams
Security flaws in some mobile-banking apps are being exploited by crooks.
Mobile-banking security is becoming a growing issue as more and more people use banking apps.
Last year the issue gained the public’s attention when a group of thieves started breaking into lockers at gyms across London to steal bank cards and mobile phones while their owners were exercising.
They were then able to use the cards to go on shopping sprees at stores such as Apple and Harrods. Some of the victims reported that their banks were initially unwilling to refund them, saying that the criminals had used their PIN code, so they must have been at fault (eg, by keeping a note of the code with their cards).
Subscribe to MoneyWeek
Subscribe to MoneyWeek today and get your first six magazine issues absolutely FREE
Sign up to Money Morning
Don't miss the latest investment and personal finances news, market analysis, plus money-saving tips with our free twice-daily newsletter
Don't miss the latest investment and personal finances news, market analysis, plus money-saving tips with our free twice-daily newsletter
Later the banks gave in as it became clear that the problem was not their customers’ carelessness, but weak points in mobile-banking security.
Common bank app scams
There’s no shortage of ways that thieves can try to get into somebody’s account, but many of these involve having some personal information to wriggle around security protocols.
However, what appears to be happening in these cases is simpler. The thief has the cards and the phone. Of course, if they have been able to get a PIN – for example, by watching over the victim’s shoulder as they unlock their phone or use their card – their task is much easier, especially as many people tend to use the same PIN for multiple purposes.
But even if they don’t, they may still be able to get into some bank accounts. The thief installs the mobile banking app for the bank that issues the cards on a new phone and uses the card details to register for it.
Some banks require you to pass detailed identity checks to do this, but a one-time passcode sent to your phone by text message will be enough with others. While the thief can’t get into the original phone, they may be able to read the message in the lock screen if – like many people – the victim has message previews enabled.
Alternatively, they can put the SIM from the stolen phone into another phone. At this point, they can get into the victim’s account via the app, which may allow them to check the PIN for the card or transfer funds to another account, with minimal other security checks.
The apps not vulnerable to scams
Not all apps are so vulnerable: consumer group Which reckons that Lloyds/Halifax, Virgin Money and Barclays are weaker than Chase or Monzo, for example.
But rather than relying on your bank, there are a few steps that can help stop this kind of fraud, beyond obvious ones such as having a hard-to-guess PIN. First, disable message previews so they can’t be seen when your phone is locked.
Second, set a SIM PIN, which stops your SIM being used in a new phone by somebody who doesn’t know the code.
Third, make sure you have Find My iPhone (Apple) or Google’s Find My Device (Android) enabled, so that you can lock and wipe your device remotely if it’s stolen – but note this alone won’t stop a SIM-swap, for example.
Sign up to Money Morning
Our team, led by award winning editors, is dedicated to delivering you the top news, analysis, and guides to help you manage your money, grow your investments and build wealth.
Cris Sholto Heaton is an investment analyst and writer who has been contributing to MoneyWeek since 2006 and was managing editor of the magazine between 2016 and 2018. He is especially interested in international investing, believing many investors still focus too much on their home markets and that it pays to take advantage of all the opportunities the world offers. He often writes about Asian equities, international income and global asset allocation.
Cris began his career in financial services consultancy at PwC and Lane Clark & Peacock, before an abrupt change of direction into oil, gas and energy at Petroleum Economist and Platts and subsequently into investment research and writing. In addition to his articles for MoneyWeek, he also works with a number of asset managers, consultancies and financial information providers.
He holds the Chartered Financial Analyst designation and the Investment Management Certificate, as well as degrees in finance and mathematics. He has also studied acting, film-making and photography, and strongly suspects that an awareness of what makes a compelling story is just as important for understanding markets as any amount of qualifications.
-
Do you qualify for the Winter Fuel Payment if you live abroad?
The Winter Fuel Payment will be means tested for expats living in Europe, in line with the new rules impacting those in the UK. But a quirk in the system means not all countries are eligible.
By Katie Williams Published
-
What the Employment Rights Bill means for your job
New workplace reforms are set to give employees new rights to benefits and flexible working
By Marc Shoffman Published
-
Act now to bag NatWest-owned Ulster Bank's 5.2% easy access savings account
Ulster Bank is offering savers the chance to earn 5.2% on their cash savings, but you need to act fast as easy access rates are falling. We have all the details
By Marc Shoffman Last updated
-
Moneybox raises market-leading cash ISA to 5%
Savings and investing app MoneyBox has boosted the rate on its cash ISA again, hiking it from 4.75% to 5% making it one of top rates. We have all the details.
By Ruth Emery Published
-
October NS&I Premium Bonds winners - check now to see what you won
NS&I Premium Bonds holders can check now to see if they have won a prize this month. We explain how to check your premium bonds
By Kalpana Fitzpatrick Published
-
Bank of Baroda closes doors to UK retail banking
After almost 70 years of operating in the UK, one of India’s largest bank is shutting up shop in the UK retail banking market. We explain everything you need to know if you have savings or a current account with Bank of Baroda
By Vaishali Varu Published
-
How to earn cashback on spending
From credit cards and current accounts to cashback websites, there are plenty of ways to earn cashback on the money you spend
By Vaishali Varu Last updated
-
John Lewis mulls buy now, pay later scheme
The CEO of John Lewis has said the retailer will consider introducing buy now, pay later initiatives for lower-priced items.
By Pedro Gonçalves Published
-
State pension triple lock at risk as cost balloons
The cost of the state pension triple lock could be far higher than expected due to record wage growth. Will the government keep the policy in place in 2024?
By Nicole García Mérida Last updated
-
Paragon raises rate on one-year fixed cash ISA to 5.75%
Paragon Bank ups its one-year fixed cash ISA rate to 5.75% - is it enough to top the table?
By Vaishali Varu Published