Finder is committed to editorial independence. While we receive compensation when you click links to partners, they do not influence our opinions or reviews. Learn how we make money.
What should I do if my bank account is hacked?
If you notice any unusual activity, notify your bank immediately.
Cyber attacks on banks happen all too frequently. Thankfully, most banks are well protected against hackers, and the threat of a cyber attack shouldn’t deter you from using a financial institution.
But should your hard-earned money be compromised, here’s how to regain control of your account.
Signs your bank account has been hacked
Keep a close eye on these warning signs that your account could be compromised:
- Strange purchases. Seeing activity that’s out of the ordinary may be the first clue that a hacker has infiltrated your account. Watch for transactions made in locations where you haven’t been.
- Unfamiliar transactions. Sometimes you’ll notice small yet unfamiliar purchases. Thieves often do that to test if your card will work before making larger ones.
- Blocked login. If a hacker accesses your account from an unfamiliar location or tries your password too many times, your account may block you from logging in.
- Phone call from your bank. If your account is compromised, your bank may call to notify you of the recent breach. However, it’s essential that you don’t provide the caller with any personal information.
- Closed or emptied account. In more extreme cases, you may find that your bank account has been emptied or closed altogether.
- Denied card. If your account is compromised, your account could be emptied or your card could be frozen by your bank, leading to denied transactions.
Depending on your bank, it will notify you of suspicious activity and automatically cancel fraudulent charges and issue you a new card.
What to do if your bank account is hacked
If you believe your account has been hacked, there are a few important steps you should take:
View and verify account activity. First, go through your account activity to confirm any fraudulent charges. Some legitimate transactions may seem fraudulent if the company does business under a different name.
Call your bank. Once you’ve confirmed that your account has been hacked, call your bank to report the fraud. They can help you solve the issue and possibly return funds to your account.
Freeze your account. If possible, freeze your bank account online, on the app or by speaking with customer service.
Change your pins and passwords. Change your bank account pin to something entirely different and secure. Also, consider changing the passwords to your online banking account, email and other online accounts — and try not to use the same password.
Check your credit history. If your bank account is hacked, it’s possible that the hacker tried to open a credit card in your name. Speak with your bank to find out if they can check your credit history for free.
File a police report. Finally, consider filing a police report. It’s unlikely that you’ll have any information on the person who hacked you, but reports from multiple victims could increase the chances of the thief being caught.
What to do if you don’t agree with your bank’s fraud resolution
In most cases, you won’t be liable for funds lost due to hacking and fraud. However, if you don’t agree with your bank’s fraud resolution, here’s what you can do:
- Keep a record of all communications with your bank
- Speak with the fraud department directly
- Escalate your case to a manager or supervisor
- File a complaint with the Consumer Financial Protection Bureau
- If all else fails, you can consider taking legal action
Types of bank account hacking and fraud
Knowing the weak spots that hackers look for and the tricks they use can go a long way in protecting you from cyber theft:
- Weak passwords. Using simple, easy to guess passwords can put your accounts at risk.
- Fraudulent texts and phone calls. Beware of any emails or phone calls from numbers claiming to be your bank. They might just be looking to steal your information to access your account.
- Phishing links. Watch out for unfamiliar links in emails or while browsing online. While they might look legitimate, these links and websites are designed to look official to trick you into entering your information.
- Malware. This type of virus can be picked up from sketchy websites and emails, infecting your computer and possibly intercepting your information and passwords.
- Leaks. Websites and banks affected by security breaches can allow unauthorized people to access your info. It’s essential that you use different passwords for all of your online accounts. Otherwise, a breach on one website could affect all of your online accounts.
- Public Wi-Fi. Avoid logging into your bank account on public Wi-Fi, as hackers could use the public connection to intercept your information and access your accounts.
- Social engineering. Some hackers will go the extra mile to access your information by calling your bank and impersonating you. And since most banks will use your personal information to verify your identity, it’s important to not give your personal information to strangers.
- Card scanners. These devices — when placed over an existing, legitimate card scanner — will take a picture of your card and could record your pin. When using an ATM in an unfamiliar location, wiggle the card socket to check for a fraudulent card scanner.
How to prevent bank account hacking
Stay safe online
- Check for site security. Most legitimate sites will have privacy and security terms that you can review. Secure URLs start with https — not http.
- Avoid public networks for banking. That means no quick peeks at your finances while you’re out shopping or working. Using public networks can compromise your personal security and put your information at risk.
- Don’t give your contact info to strangers. Confirm who’s calling or writing first before providing any information.
- Run antivirus and anti-malware software. Doing so could prevent computer viruses and the loss of your information.
- Beware of spam. Email software is effective at getting rid of spam most of the time. However, hackers design sites that mimic bank websites, so random emails that ask you to go to the bank’s website to confirm your information are most likely a scam.
Use strong passwords
- Don’t use the same passwords. Avoid using the same passwords for multiple online accounts. Otherwise, a security breach on one website could compromise all of your accounts.
- Keep your passwords and pins safe. That means not giving them out to anyone, including family, friends or anyone soliciting them over email. Also, try not to write them down.
- Strong security questions. The answers to your security questions won’t be verified, so you can choose any answer you’d like. Consider making the questions difficult or the answers harder to guess.
- Two-factor authentication. If possible, sign up for two-factor authentication. This security measure will require you to confirm your identity with your phone or email, decreasing the chances of unauthorized access.
- Use more characters — and symbols — in your password. The more characters in your password, the better. A mix of random letters, numbers and special characters will take much longer to crack than a simple word or series of numbers.
- Report suspicious activity. Report any suspicious people or unverifiable companies soliciting your banking information. You may also want to contact your bank.
- Double-check your transactions. Look over your statements for any fraudulent purchases and report anything suspicious right away.
- Keep an eye on your credit history. If someone gets access to your bank account, they could sign up for credit cards and other financial products that would affect your credit. Check your credit history if you think your account is at risk.
- Sign up for text alerts. Apps and text alerts can send you a notification whenever your debit card is used. This can help you track spending and immediately know where and when your card is used.
How banks keep your accounts safe from hackers
Banks are liable
If a hacker steals money from a bank, the customer won’t lose money since the bank is liable to refund money for fraudulent debit transactions. However, it’s important to report fraud as soon as possible, as the bank’s liability decreases over time.
If you report a lost or stolen card immediately and before it’s used, you can’t be held liable for any charges. If you report a charge within 48 hours, you could be responsible for up to $50, or up to $500 if you wait longer than two days. Beyond 60 days, your bank is no longer responsible for the lost funds and you might be out any money that was stolen.
Banks are improving security
Since banks are constantly under attack, they need to ensure every aspect of their security is up to date. This means they generally have the latest software designed to protect you and your money.
Ensure your account is not vulnerable
Most banking websites allow you to activate a feature called “remember your password” when you log in online. This allows you to skip several layers of security the next time you log in since the bank recognizes your computer’s IPv4 address — a unique identifier for each Internet connection.
However, malware is a tool that hackers use to imitate your IPv4 address in order to gain access to your bank account. And since you usually won’t know that they have control over your computer, it’s best to disable the “remember your computer” feature.
As stressful as having your bank account hacked may be, there’s a chance you could get your money back if you act fast. Banks are generally responsible for any charges due to cybersecurity breaches, but you should still always be prepared.
There are a number of things you can do to reduce the chances of your bank account being hacked, and choosing the right bank is one of them. Compare your options to find a bank and account that meet your needs.
Ask an Expert