Why you shouldn't use public wi-fi for online banking

Online privacy settings don't protect you from everything

Updated: 

Businessman texting at sidewalk cafe

More Brits are managing their finances on the web today than ever before - with 60% of the population using an online banking app or website in 2016, official statistics show.

That's compared to 30% in 2007 - the start of the app revolution and when high streets had hundreds more banks on them.

See also: Scamwatch: fake friend requests

See also: Beware new Amazon scam targeting Twitter users

But while smartphones and online websites have huge advantages - letting you pay bills and transfer cash in seconds wherever you have a signal - criminals are finding ways to use online banking against us too.

"You need to follow a combination of good online hygiene and take additional precautions where necessary for peace of mind," said Simon Migliano, head of research at cyber security website Top10VPN .

"Mobile banking apps should all be communicating to the bank via secure SSL encryption, so in theory it's should be safe to use a banking app," he explained.

"But, that's only if you're using the official app for your bank, as there's the potential to download copycat versions on smartphones."

And that's far from the only risk.

"There's no guarantee that how, when and where you're using your banking app means it remains safe," Migliano added.

"You could be using it in the airport or on the train on public wi-fi, in which case it becomes possible for criminals to intercept your personal details."

Public wi-fi isn't the only risk, either. There are far lower-technology ways criminals can get your details too.

Online privacy settings don't protect you from "Shoulder Surfers", Migliano said. These are hackers that obtain information in the same way that they gather pin numbers at ATM machines - by looking at what you type into your phone when you log on.

We caught up with some experts to work out the where the risks lie - and how you can stay safe.

1. Make sure your app is official

Credits: Getty

Ensure you are using the bank's official app, and not one designed to look the same to trick you into entering your details

Following a link to download an app could land you in a lot of trouble, explained Raj Samani at McAfee security.

"Always download the official mobile banking app from the official app store and ALWAYS ensure that the web address starts with https//: and NOT http//:."

Migliano added: "The best way to avoid getting caught out is to download through a reputable source such as Google Play or the App Store.

"Then, continue to keep the app secure by downloading any new updates as soon as you are prompted to do so."

2. Never respond to out-of-the-blue emails

Credits: Getty

You might quickly regret it

Thousands of people fall victim to this scam every year, but do remember that banks will never send unsolicited emails or text messages asking for personal details such as your date of birth, address or mobile banking passwords.

"Report any phishing mails and contact your branch if you have any doubts. Also do not click within the email, if you are concerned about a message you have received via email simply contact the bank directly," explained Samani.

How to spot a scam email - and what to do if you receive a suspicious message

3. Don't use a public wi-fi hotspot for banking

Credits: Getty

It might make perfect sense from a data-saving perspective, but public wi-fi should only be used for general browsing

Connecting to unprotected wi-fi and Bluetooth devices can expose your personal information to cybercriminals - so avoid these networks when handling sensitive information.

You should never access your mobile or online banking data through an unsecured wireless network, such as in a hotel or café.

With this in mind, remember to update your Bluetooth and wi-fi history to remove any 'remembered' networks. This will ensure you never connect to a public wi-fi network without authorising it first.

According to password protection website Keeper Security, leaving your Bluetooth open could leave your phone open to intruders.

"Don't make your Bluetooth connection discoverable . This opens you up to the risk of ' bluesnarfing ', which enables the attacker to gain access to any information or service on the device without your permission," a spokesperson told Mirror Money.

4. Use different pin numbers

Try to keep all pin numbers and passcodes different

"It might be a given that your banking app or website will ask for a range of passwords and security questions to allow you to access your accounts," said Samani.

"However, your 4-6 digit online PIN should not be the same as your card pin."

If the passwords match and a criminals gains access, they'll be able to dip into all of your accounts, not just the one.

The painless way to make an un-hackable password AND remember it easily

5. Are you protected?

It goes without saying that having the latest security software running on your computer is essential but you also need software that safeguards your phone, devices and computers.

"Don't ignore the software updates for your computer or mobile's security software," explained Barclays.

Banks will often offer this for free as part of its app or online service - as an extra measure to protect your details.

6. Avoid public charging stations

Credits: Getty

Phone charging from a laptop can be dangerous

"Once you plug your phone into a USB port, an attacker can download files, install malware and monitor your keystrokes" experts at Keeper Securit said.

"A recently discovered threat called 'video jacking' even enables them to get a peek at your phone's display and to record everything you tap, type or view."

If your phone is constantly low on battery, invest in your own portable battery instead.

Victims of scams and fraud

Victims of scams and fraud


provided by