Online security myths: It's my bank's job to look after my money, not mine

How to stay safe when banking online

Shopping online

It may be your bank's job to look after your money, but it's your job to look after your identity. If you haven't protected yourself and a scammer steals your identity, your bank could refuse to refund you. The bank has to show that you haven't been careful with your passwords and/or PIN. So it's sensible to avoid using your birthday, your child's name or simple passwords like 0000 or 1234.

There are two ways in which scammers can steal your identity – physically and digitally:

Physical scams

Scammers search through your bins or communal post boxes for your name, address and any other identifiers (such as date of birth). Once they have this, they start applying for credit and financial services in your name.

Keep an eye out for financial post (such as bank statements and credit card bills) not arriving when you'd expect. This could indicate that someone has changed your address with the company.

Digital scams

Digital identity theft is often conducted through phishing. This is when a scammer tries to get information from you under the guise of a legitimate company.

For example, you may receive a phishing phone call 'from your bank' asking you security questions or for your PIN. Banks will never ask for your PIN. They will ask you to answer security questions though, so always refuse to answer and call them back instead (using the phone number on the official website).

You may also receive phishing emails. Be vigilant and don't give up any information – contact the bank directly. Strangely enough, these email scams can often be full of spelling mistakes and bad grammar. There's a reason for this, and it's not necessarily that the scammer is not fluent in English. Rather, they are targeting such high numbers of people that they try to weed out those who are not going to fall for the scam, so they can focus on the more gullible.

Many of us like to use online banking for the ease. Banks will often make you use two-factor authentication to log in. However, there are steps you can take to protect yourself further:

Protecting your money is easy and inexpensive

SuperSafe powered by F-Secure includes advanced banking protection. Eight-device protection £2 per month (and it's worth £99 a year). Log in to My Account, select the package you want and you will receive an email from F-Secure to install it on your device for full protection.

Extra tips to keep you safe

1. Don't overshare on social media, this gives away personal information that scammers can easily collect.

Do your Facebook friends need to know the year of your birth? Do your Twitter followers need to know who your mortgage is with?

2. Protect your Verified by Visa, PayPal and other financial services accounts with difficult passwords.

Of course, these are more difficult to remember, so use a password manager to create and store them. A password manager is accessed with one master password, so you'll only have to remember one in future. These tools come as desktop and mobile apps, so you will always have them to hand when you need them. Here is a free one you can try.

3. When choosing your security questions, think about who already knows the answers.

You were at primary school with hundreds of children – they all know the name of your first teacher. And the town in which you were born is possibly right there on your Facebook profile.

4. Consider creating a pseudo profile for sites which really don't need to know your real details.

Your email service and social networking sites don't need to know your date of birth and you don't need to answer security questions truthfully. However, to make sure you don't forget your fake answers, keep note of them in your password manager.