Every bank customer’s nightmare: Criminals gain access to your account and clear it out. If this has already happened, the main thing is damage limitation – and to learn from this.
What to do in case of unauthorised access to your own bank account:
- If there are suspicious transactions or errors when logging into your e-banking facility, you should immediately contact your financial institution and have them block your e-banking facility, your accounts and cards.
- Disconnect any devices which could be affected by hacker or malware activities from the Internet straight away, switch them off, or set them to flight mode. You should not however reset your devices directly, since the police might request them for forensic analysis.
- Change your passwords on a separate, non-infected device. Wherever possible, activate two-factor authentication.
- In case of actual fraud, report this to the police. Note down as many available details on this fraud or attack as possible.
- In the future, protect your mobile device against unauthorised access with our “5 steps for your digital security” and our tips on secure e-banking.
How can a bank account be hacked?
Swiss financial institution e-banking portals are very well protected against hacker attacks. This should basically preclude any chance of criminals obtaining direct access to a bank’s computer system.
But unwary bank customers still pose a risk: Should hackers manage to obtain someone’s access data, they can use them to log into an e-banking facility unnoticed to trigger transactions or access confidential information. Some examples of the methods they use to do so are phishing attacks or specific malware infections. The only option left to victims then is to limit the damage done.
How to react appropriately in case of loss?
The most important measure first: React quickly in case of any suspicion! In case actual fraud occurred, you must immediately block your e-banking facility and all related accounts involved to prevent any further money disappearing.
In case you suspect fraud, for instance if there are suspicious transactions or error messages when e-banking, you should contact your financial institution straight away to co-ordinate any steps necessary. If your suspicion of fraud is confirmed, you should report this to the police in the first instance.
In case you cannot establish how criminals were able to obtain access to your account once you have discussed this with your financial institution, you should generally assume that foreigners have obtained your access data, and that your device has been infected by malware, for instance a banking Trojan.
To prevent any further misuse of your potentially stolen access data, you should change the password of your e-mail inbox plus those of all your online accounts as a precautionary measure. Please make sure though not to do so on the computer or mobile device potentially infected, but from a different device. Your e‑banking access should be blocked first. You should only change your passwords later, once you have been able to clarify the situation with your financial institution.
Wherever possible, you should set up two-factor authentification – this will provide you with a much higher level of access protection.
You should disconnect your device from the Internet and switch it off, or put it into flight mode. However, please only reset it once any potential police investigations have been concluded.
And last but not least, you will want to protect yourself properly against any future attempts at fraud. You should therefore make sure to follow our “5 steps for your digital security” and our tips for secure e-banking – because if you take the proper precautions, hackers don’t stand a chance!
