PCMag editors select and review products independently. If you buy through affiliate links, we may earn commissions, which help support our testing.

PCMag UK

7 Tips for Safe Online Banking

Neil J. Rubenking
 & Neil J. Rubenking Principal Writer, Security

Our team tests, rates, and reviews more than 1,500 products each year to help you make better buying decisions and get more from technology.

Our Expert
LOOK INSIDE PC LABS HOW WE TEST
65 EXPERTS
43 YEARS
41,500+ REVIEWS

You can take care of many banking tasks without ever entering the bank. Just log in to the bank's website to check balances, make transfers, and even deposit checks using your smartphone's camera. But beware; anything you can do online, cyber-criminals or identity thieves might be able to take advantage of. They don't need guns, masks, or getaway cars to rob you blind. Here are seven tips for safe online banking.

Recommended by Our Editors

How We Test Password Managers
How We Test Password Managers
Still Using Passwords? It's Time to Upgrade to Passkeys Now
Still Using Passwords? It's Time to Upgrade to Passkeys Now
Don't Let Your Passwords Die With You. Here's How to Share Account Access Safely
Don't Let Your Passwords Die With You. Here's How to Share Account Access Safely
1. Use a Strong Password. It probably doesn't matter if someone else gains unauthorized access to your Club Penguin password. You may have to do some damage control and explain that you didn't actually post those nasty messages. But a malefactor who cracks or guesses your online banking password can drain your account dry. If you memorize just one strong password, make it your online banking password.
2. Use a Password Manager. Okay, in the real world you probably have more than one online financial account. Rather than strain your brain memorizing tough, hard-to-crack passwords for each of them, enlist the help of a password manager. The best ones not only store your passwords securely but also help you work through your collection of passwords and replace weak ones and duplicates. Furthermore, you can get excellent password management without paying a penny (though you do get more from the paid services).
3. Enable Two-Factor Authentication. Check with your bank to see if its online banking site supports two-factor authentication. With some banks, you can register your smart phone for authentication. Each time you log in, the site texts you a code that you must enter in addition to your password. Other banks may issue you a security token with an ever-changing code. To log in, you enter your password and the current code displayed on the token. Whatever form of two-factor authentication your bank offers, take advantage of it.
4. Use a VPN. For the best security, you should avoid doing online banking when connected to a network you don't control. That hipster nursing a cappuccino in the corner of the café may be sniffing your network traffic, or the café's owner may have installed a traffic monitor. If you can't resist, at least connect through a Virtual Private Network. Now nobody can read your encrypted traffic. For free VPN protection, we like CyberGhost and VPNBook. Commercial VPNs like Private Internet Access and Norton Hotspot Privacy are ad-free, with more power and flexibility. Do note that logging in using a VPN changes your IP address, which may cause the website to require an extra layer of authentication.
5. Use Your Data Plan. In-house VPN expert Fahmida Y. Rashid doesn't think highly enough of any mobile VPN solution to name an Editors' Choice. However, if you're doing online banking on a mobile device, you have a degree of protection built right in. Just turn off Wi-Fi and connect using your cellular data plan. It's a lot harder for criminals to sniff your cellular data stream than to snag passwords from network traffic.
6. Get Help. You should definitely install a security suite for protection against exploits and password-stealing Trojans. When choosing your suite, look for features aimed specifically at protecting financial transactions. The SafePay feature in Bitdefender Internet Security 2015£24.99 at Bitdefender UK launches your financial sites in a hardened browsing environment that includes a virtual keyboard for added privacy. Kaspersky Internet Security (2015)'s Safe Money feature automatically opens financial sites in a sandboxed instance of your default browser. Both accomplish the same task—isolating your financial transactions from other processes on the computer.
7. Check It Often. It's always possible that despite your best efforts, your account could get hacked. Make a point of logging in several times a week, or even daily, to check recent activity. The sooner you detect a breach and report it to your bank, the better your chances to regain control of your money.

Armed with these tips, you should be able enjoy the convenience of online banking without risking catastrophic loss of your funds. Stay alert!

About Our Expert

Neil J. Rubenking

Neil J. Rubenking

Principal Writer, Security

My Experience

When the IBM PC was new, I served as the president of the San Francisco PC User Group for three years. That’s how I met PCMag’s editorial team, who brought me on board in 1986. In the years since that fateful meeting, I’ve become PCMag’s expert on security, privacy, and identity protection, putting antivirus tools, security suites, and all kinds of security software through their paces.

Before my current security gig, I supplied PCMag readers with tips and solutions on using popular applications, operating systems, and programming languages in my "User to User" and "Ask Neil" columns, which began in 1990 and ran for almost 20 years. Along the way, I wrote more than 40 utility articles, as well as Delphi Programming for Dummies and six other books covering DOS, Windows, and programming. I also reviewed thousands of products of all kinds, ranging from early Sierra Online adventure games to AOL’s precursor Q-Link.

In the early 2000s, I turned my focus to security and the growing antivirus industry. After years of working with antivirus, I’m known throughout the security industry as an expert on evaluating antivirus tools. I serve as an advisory board member for the Anti-Malware Testing Standards Organization (AMTSO), an international nonprofit group dedicated to coordinating and improving testing of anti-malware solutions.

The Technology I Use

Much of the testing I do, particularly testing with real-world ransomware, is just plain dangerous. To perform such tests safely, I sequester them inside virtual machines managed by VMWare Workstation. For cross-platform testing, I use a MacBook Air, a Google Pixel 4, and a 6th-generation iPad.

I rely on my Delphi coding skills to create and maintain small applications. These include programs to check whether an antivirus correctly handled the malware it detected, launch dangerous URLs and record the security program’s reaction, and analyze the malware that I collect for use in testing. I also wrote a tiny browser and text editor for use in testing security apps that have predefined reactions for known products.

I do my writing and research on a Dell OptiPlex desktop, relying on Microsoft Word (my fingers know all the shortcuts). Many of my articles include charts and analysis; Excel is my go-to for those. When work hours end, though, I escape the bounds of Microsoft and Windows. There’s an iPhone in my pocket, I relax with my oversized iPad, and my Kindle Oasis is always loaded with the best science fiction and fantasy.

Read the latest from Neil J. Rubenking

Read full bio