Cyber attacks on banks happen all too frequently. Thankfully, most banks are well protected against hackers, and the threat of a cyber attack shouldn’t deter you from using a financial institution.
But should your hard-earned money be compromised, here’s how to regain control of your account.
Key takeaways
Signs of hacking: Watch for strange purchases, unfamiliar transactions, blocked logins and calls from your bank.
Take action if hacked: Verify activity, call your bank, freeze your account, change pins/passwords and check credit history.
Prevent hacking: Use strong passwords, avoid public Wi-Fi and enable two-factor authentication.
Choose secure banks: Opt for banks with robust fraud protection like Ally, Bank of America or Capital One.
What to do if your bank account is hacked
If you believe your account has been hacked, there are a few important steps you should take:
1. View and verify account activity. First, go through your account activity to confirm any fraudulent charges. Some legitimate transactions may seem fraudulent if the company does business under a different name.
2. Call your bank. Once you’ve confirmed that your account has been hacked, call your bank to report the fraud. They can help you solve the issue and possibly return funds to your account.
3. Freeze your account. If possible, freeze your bank account online, on the app or by speaking with customer service.
4. Change your pins and passwords. Change your bank account pin to something entirely different and secure. Also, consider changing the passwords to your online banking account, email and other online accounts — and try not to use the same password.
5. Check your credit history. If your bank account is hacked, it’s possible that the hacker tried to open a credit card in your name. Speak with your bank to find out if they can check your credit history for free.
6. File a police report. Finally, consider filing a police report. It’s unlikely that you’ll have any information on the person who hacked you, but reports from multiple victims could increase the chances of the thief being caught. If caught, they could face fines up to $1 million or go to prison for up to 30 years.
Limited-time offer: get 20% off your subscription.
Earn up to a 6% savings bonus and 1% cashback.
Tools for saving, spending and earning.
Financial account monitoring and identity theft protection.
$24.98/month.
What to do if you don’t agree with your bank’s fraud resolution
In most cases, you won’t be liable for funds lost due to hacking and fraud. However, if you don’t agree with your bank’s fraud resolution, here’s what you can do:
Keep a record of all communications with your bank
Speak with the fraud department directly
Escalate your case to a manager or supervisor
File a complaint with the Consumer Financial Protection Bureau
If all else fails, you can consider taking legal action
Who is most likely to be researching bank account fraud?
Finder data suggests that men aged 25-34 are most likely to be researching this topic.
Response
Male (%)
Female (%)
65+
5.57%
6.16%
55-64
7.18%
8.67%
45-54
8.12%
8.98%
35-44
9.78%
10.78%
25-34
10.91%
8.79%
18-24
8.56%
6.50%
Source: Finder sample of 16,779 visitors using demographics data from Google Analytics
Signs your bank account has been hacked
Keep a close eye on these warning signs that your account could be compromised:
Strange purchases. Seeing activity that’s out of the ordinary may be the first clue that a hacker has infiltrated your account. Watch for transactions made in locations where you haven’t been.
Unfamiliar transactions. Sometimes you’ll notice small yet unfamiliar purchases. Thieves often do that to test if your card will work before making larger ones.
Blocked login. If a hacker accesses your account from an unfamiliar location or tries your password too many times, your account may block you from logging in.
Phone call from your bank. If your account is compromised, your bank may call to notify you of the recent breach. However, it’s essential that you don’t provide the caller with any personal information.
Closed or emptied account. In more extreme cases, you may find that your bank account has been emptied or closed altogether.
Denied card. If your account is compromised, your account could be emptied or your card could be frozen by your bank, leading to denied transactions.
Depending on your bank, it will notify you of suspicious activity and automatically cancel fraudulent charges and issue you a new card.
How to prevent bank account hacking
Stay safe online
Check for site security. Most legitimate sites will have privacy and security terms that you can review. Secure URLs start with https — not http.
Avoid public networks for banking. That means no quick peeks at your finances while you’re out shopping or working. Using public networks can compromise your personal security and put your information at risk.
Don’t give your contact info to strangers. Confirm who’s calling or writing first before providing any information.
Run antivirus and anti-malware software. Doing so could prevent computer viruses and the loss of your information.
Beware of spam. Email software is effective at getting rid of spam most of the time. However, hackers design sites that mimic bank websites, so random emails that ask you to go to the bank’s website to confirm your information are most likely a scam.
Use strong passwords
Don’t use the same passwords. Avoid using the same passwords for multiple online accounts. Otherwise, a security breach on one website could compromise all of your accounts.
Keep your passwords and pins safe. That means not giving them out to anyone, including family, friends or anyone soliciting them over email. Also, try not to write them down.
Strong security questions. The answers to your security questions won’t be verified, so you can choose any answer you’d like. Consider making the questions difficult or the answers harder to guess.
Two-factor authentication. If possible, sign up for two-factor authentication. This security measure will require you to confirm your identity with your phone or email, decreasing the chances of unauthorized access.
Use more characters — and symbols — in your password. The more characters in your password, the better. A mix of random letters, numbers and special characters will take much longer to crack than a simple word or series of numbers.
Be vigilant
Report suspicious activity. Report any suspicious people or unverifiable companies soliciting your banking information. You may also want to contact your bank.
Double-check your transactions. Look over your statements for any fraudulent purchases and report anything suspicious right away.
Keep an eye on your credit history. If someone gets access to your bank account, they could sign up for credit cards and other financial products that would affect your credit. Check your credit history if you think your account is at risk.
Sign up for text alerts. Apps and text alerts can send you a notification whenever your debit card is used. This can help you track spending and immediately know where and when your card is used.
Types of bank account hacking and fraud
Knowing the weak spots that hackers look for and the tricks they use can go a long way in protecting you from cyber theft:
Weak passwords. Using simple, easy to guess passwords can put your accounts at risk.
Fraudulent texts and phone calls. Beware of any emails or phone calls from numbers claiming to be your bank. They might just be looking to steal your information to access your account.
Phishing links. Watch out for unfamiliar links in emails or while browsing online. While they might look legitimate, these links and websites are designed to look official to trick you into entering your information.
Malware. This type of virus can be picked up from sketchy websites and emails, infecting your computer and possibly intercepting your information and passwords.
Leaks. Websites and banks affected by security breaches can allow unauthorized people to access your info. It’s essential that you use different passwords for all of your online accounts. Otherwise, a breach on one website could affect all of your online accounts.
PublicWi-Fi. Avoid logging into your bank account on public Wi-Fi, as hackers could use the public connection to intercept your information and access your accounts.
Social engineering. Some hackers will go the extra mile to access your information by calling your bank and impersonating you. And since most banks will use your personal information to verify your identity, it’s important to not give your personal information to strangers.
Card scanners. These devices — when placed over an existing, legitimate card scanner — will take a picture of your card and could record your pin. When using an ATM in an unfamiliar location, wiggle the card socket to check for a fraudulent card scanner.
How banks keep your accounts safe from hackers
Banks are liable
If a hacker steals money from a bank, the customer won’t lose money since the bank is liable to refund money for fraudulent debit transactions. However, it’s important to report fraud as soon as possible, as the bank’s liability decreases over time.
If you report a lost or stolen card immediately and before it’s used, you can’t be held liable for any charges. If you report a charge within 48 hours, you could be responsible for up to $50, or up to $500 if you wait longer than two days. Beyond 60 days, your bank is no longer responsible for the lost funds and you might be out any money that was stolen.
Banks are improving security
Since banks are constantly under attack, they need to ensure every aspect of their security is up to date. This means they generally have the latest software designed to protect you and your money.
Ensure your account is not vulnerable
Most banking websites allow you to activate a feature called “remember your password” when you log in online. This allows you to skip several layers of security the next time you log in since the bank recognizes your computer’s IPv4 address — a unique identifier for each Internet connection.
However, malware is a tool that hackers use to imitate your IPv4 address in order to gain access to your bank account. And since you usually won’t know that they have control over your computer, it’s best to disable the “remember your computer” feature.
Common fraud protections banks put in place to prevent fraud include using AI and machine learning to monitor transactions, verifying someone’s identity through biometrics and two-factor authentication and evaluating the bank’s processes for legal compliance. These six banks take security a step further.
1. Ally Bank
Ally Bank monitors your account activity for potential fraud and automatically logs your banking session when you’re inactive. Plus, offers these fraud protection measures:
Site and app monitoring. Ally checks on websites and app stores to identify scam sites and apps that may target Ally, a proactive approach to combating fraud.
No-liability fraud guarantee. Ally Bank guarantees that you won’t be liable for fraudulent transactions if you report them within 60 days of getting your account statement.
Webroot SecureAnywhere. Banking customers get access to this anti-virus software for free on up to three devices. Webroot blocks viruses and malware and alerts you to malicious links or websites in search results.
Email confidentiality. Ally won’t email you, asking for your personal information, account information, username or password. If you do get these requests, forward the email to abuse@ally.com.
In addition to 24/7 account monitoring for fraud, Bank of America takes a variety of steps to protect your information, including:
Verify Your Visa Card Is With You. This location-based anti-fraud measure compares your phone’s location to where the purchase is made. To work, you’ll need to turn on this setting and your phone’s location services.
Free access to IBM’s Trusteer Rapport. This online fraud protection software works along with your other antivirus protection to detect and block malware and identify fake Bank of America websites.
Secure Transfer. Bank of America sends a one-time authorization code to your phone before sending high-dollar transfers or wires. If you’re international, you can use a USB security key, a physical device that adds an extra layer of security by verifying your identity.
Bank of America’s $0 Liability Guarantee. You won’t be responsible for fraudulent charges if you notify Bank of America in a timely manner.
Email confidentiality. Bank of America won’t contact you via email, asking for personal information like your Social Security number or debit card PIN. Any of these requests should be forwarded to abuse@bankofamerica.com.
Zelle transaction alerts. Bank of America verifies your enrollment in Zelle, a peer-to-peer transfer service. It also sends you alerts for new payees, password
Capital One offers customizable real-time alerts so that you can keep tabs on your money, as well as monitoring your account for suspicious activity. It puts these fraud protection measures in place:
Free credit monitoring. Capital One gives you free access to CreditWise, a credit monitoring service that shows you your credit report in real time without hurting your score. It also sends alerts with major activities like credit inquiries and scans the internet to make sure that your personal information stays safe.
Virtual card numbers. Eno, your Capital One virtual assistant, can create virtual card numbers for online purchases, helping you keep your real card number under wraps.
$0 fraud liability. Like most banks, you won’t be responsible for any unauthorized purchases made with your card.
Text message fraud alerts and debit card locking. While many banks text you about suspicious transactions, Capital One lets you text the word no if you don’t recognize a charge, locking your card. You can also lock and unlock your debit card in the app.
Start by signing up for Chase account alerts, notifying you about low balances, large purchases and more with personalized text, phone or email notifications. Chase also offers:
Free credit monitoring for everyone. Anyone can sign up for Chase Credit Journey to track their credit score without hurting credit. It also monitors the internet for identity theft and sends email alerts about any major changes to their credit history.
Tracking where card information is stored. Chase provides an account tool that shows you where you’ve stored your card information, helping you manage your data online.
You control information with partners. View which Chase partners you’ve given information to and delete access to your account from the Linked Apps and Websites section of your online account.
Virtual workshops for older adults. Chase partners with the AARP Foundation to bring virtual workshops, guides and worksheets to older adults. The goal is to educate adults about using online financial resources while avoiding scams.
Business fraud prevention. Your business can get free check monitoring or validating, plus set controls for who can get ACH transfers from your business.
Email confidentiality. No JPMorgan representatives will ask for your PIN, password or other personal information via email. However, you may get asked this information by phone.
Zero liability policy. You’re not responsible for unauthorized charges tied to your card or bank account.
Lock or unlock your card. If you misplace your card or it gets stolen, you can block its use until you find yours or get a new card.
Along with setting up fraud alerts to receive texts about transactions and account activity, Discover provides additional security with:
Card number on back of card. Discover cards come with the number printed on the back to keep your number secure when you’re out.
Holds on suspicious transactions. If Discover’s fraud team sees suspicious activity on your account, it places a hold on the transaction. This action keeps the money in your account safe while confirming the transaction with you.
Opening a new account. Discover doesn’t just send you a new card when fraud happens — it also closes your account and opens a new one to give you a new account number.
$0 Fraud Liability Guarantee. Like most banks, you’re not held responsible for unauthorized purchases on your card or account.
Email identifiers. Legitimate Discover emails will address you by name, include the last four digits of your account number and won’t ask for personal information. Always navigate to your Discover account separately, rather than clicking links from an email.
Freezing your card. You can lock or unlock your debit card via the mobile app, online or by phone to pause new purchases and ATM transactions.
Wells Fargo monitors your accounts for changes to your personal information or sign-in attempts. You can also set up alerts to track your purchases and temporarily turn your cards on or off if you misplace your debit card.
Plus, Wells Fargo offers these features for extra security:
Voice verification. You can choose to say a passphrase when calling Wells Fargo customer service. Unlike other banks that only require a passcode, Wells Fargo’s verification offers heightened account protection because it identifies you by your unique voice.
Turn off biometric sign-in for the app. If your phone gets lost or stolen, you can call Wells Fargo to turn off fingerprint or other biometric sign-in features. The person with your phone may be able to add their fingerprint to your device and access your apps.
Advanced Access. Wells Fargo requires an access code with certain types of activities like adding a new Zelle payee. Only enter the access code if you started the transaction.
Zero Liability Protection. You won’t be responsible for unauthorized charges as long as you report them right away.
Customer service confidentiality. Wells Fargo representatives will never ask for your account password or PIN or call or text you asking for access codes. Reps may ask for your username or access code if you call them.
No email password resets. Wells Fargo doesn’t use your email to reset your password, preventing criminals from gaining access to your account this way.
Review connected apps. See which apps you’ve connected to your Wells Fargo account through the Connected Apps section of your online account.
As stressful as having your bank account hacked may be, there’s a chance you could get your money back if you act fast. Banks are generally responsible for any charges due to cybersecurity breaches, but you should still always be prepared.
There are a number of things you can do to reduce the chances of your bank account being hacked, and choosing the right bank is one of them. Compare your options to find a bank and account that meet your needs.
Peter Carleton is a freelance writer that covers banking and investing, breaking down what you need to know about where you put your money. When Peter's not thinking about cutting-edge banking apps and robo-advisors, he runs a creative agency and spends his spare time cooking or reading. See full bio
My account is hacked by fraud i report to bank do they refund money
nikkiangcoJune 12, 2019
Hi Kamal,
Thanks for getting in touch!
We’re sorry to hear your account has been hacked. Immediately contact your bank so they can start an investigation. Regarding refunding your money, this will depend on the bank’s investigation and if your account has been proven compromised.
Hope this helps!
Best,
Nikki
GigiNovember 25, 2018
My daughter lost her debit card. Her acct was hacked. They deposited large amounts of money with bad checks then withdrew the money. Now the bank is saying they found no fraudulent activity……what does this mean?
nikkiangcoNovember 26, 2018
Hi Gigi,
Thanks for getting in touch! Sorry to hear that your daughter’s card got lost. If someone was able to deposit and withdraw money in her account this means that the account has been compromised and all your daughter’s personal details have been accessed. It’s important to let the bank know of this to know of the next steps to take.
Hope this helps!
Best,
Nikki
PuchaJuly 26, 2018
My disabled daughter’s checking account was hacked in a very unique way. First, they withdrew money through the ATM, then a large false deposit was made and on the same day they retrieved the money via ATM withdrawls, thousands of dls through a branch ATM. The bank even says my daughter made numerous calls to facilitate the transaction. She never did. She never had that kind of money, the bank investigated and CLOSED the accounts and said the charges are valid. The bank even sent her a Cashier’s check with an large sum of money that doesn’t belong to her. Does the bank check their cameras, phone calls when checking for fraud, because obviously they failed to do their homework. She is not taking the check. But what else to do? Thank you.
joelmarceloJuly 27, 2018
Hi Pucha,
Thanks for leaving a question on Finder.
It looks like you have exhausted all steps to resolve this with your bank. If all steps have been made and there is no resolution, you can contact the Federal Reserve. The Federal Reserve urges you to file a complaint if you think a bank has been unfair or misleading, discriminated against you in lending, or violated a federal consumer protection law or regulation. You can file a complaint online through the Federal Reserve’s Consumer Complaint Form.
You can also call or email Federal Reserve Consumer Help, the System’s central repository for consumer complaints and inquiries, and they will walk you through the process of filing a complaint and answer any questions you might have.
Although the Federal Reserve looks into every complaint that involves banks it regulates, it does not have the authority to resolve every problem. There are several federal agencies who handle complaints about banks and other financial institutions, so the Federal Reserve may connect you with or forward your complaint to another federal regulator.
I hope this gets resolved soon Pucha.
Cheers,
Joel
MalloryJuly 26, 2018
I was hacked. I’ve contacted the police and they’re tracking him down. He was a scam loan person trying to sell me on a loan and now he has all my banking info and my bank app he’s hacked it. I don’t know what to do. I have contacted the authorities. Any other advice please let me know
joelmarceloJuly 27, 2018
Hi Mallory,
Thanks for leaving a question on Finder.
It looks like you have exhausted all steps to resolve this with your bank. If all steps have been made and there is no resolution, you can contact the Federal Reserve. The Federal Reserve urges you to file a complaint if you think a bank has been unfair or misleading, discriminated against you in lending, or violated a federal consumer protection law or regulation. You can file a complaint online through the Federal Reserve’s Consumer Complaint Form.
You can also call or email Federal Reserve Consumer Help, the System’s central repository for consumer complaints and inquiries, and they will walk you through the process of filing a complaint and answer any questions you might have.
Although the Federal Reserve looks into every complaint that involves banks it regulates, it does not have the authority to resolve every problem. There are several federal agencies who handle complaints about banks and other financial institutions, so the Federal Reserve may connect you with or forward your complaint to another federal regulator.
I hope this gets resolved soon Mallory.
Cheers,
Joel
KimberlyJuly 24, 2018
If my bank account is frozen what can I do if my creditors are needing to pay me and usually use my bank
nikkiangcoJuly 24, 2018
Hi Kimberly!
Thanks for getting in touch.
I’m afraid no transactions (deposits/withdrawals) can be made while an account is frozen. You may opt to open a new account for the meantime so you can gain access of your funds from creditors.
SoFi offers several bonus offers, including a direct deposit bonus, welcome offers and referral bonuses. See how to snag up to $300.
Advertiser disclosure
Finder.com is an independent comparison platform and information service that aims to provide you with the tools you need to make better decisions. While we are independent, the offers that appear on this site are from companies from which Finder receives compensation. We may receive compensation from our partners for placement of their products or services. We may also receive compensation if you click on certain links posted on our site. While compensation arrangements may affect the order, position or placement of product information, it doesn't influence our assessment of those products. Please don't interpret the order in which products appear on our Site as any endorsement or recommendation from us. Finder compares a wide range of products, providers and services but we don't provide information on all available products, providers or services. Please appreciate that there may be other options available to you than the products, providers or services covered by our service.
We update our data regularly, but information can change between updates. Confirm details with the provider you're interested in before making a decision.
How likely would you be to recommend Finder to a friend or colleague?
0
1
2
3
4
5
6
7
8
9
10
Very UnlikelyExtremely Likely
Required
Thank you for your feedback.
Our goal is to create the best possible product, and your thoughts, ideas and suggestions play a major role in helping us identify opportunities to improve.
My account is hacked by fraud i report to bank do they refund money
Hi Kamal,
Thanks for getting in touch!
We’re sorry to hear your account has been hacked. Immediately contact your bank so they can start an investigation. Regarding refunding your money, this will depend on the bank’s investigation and if your account has been proven compromised.
Hope this helps!
Best,
Nikki
My daughter lost her debit card. Her acct was hacked. They deposited large amounts of money with bad checks then withdrew the money. Now the bank is saying they found no fraudulent activity……what does this mean?
Hi Gigi,
Thanks for getting in touch! Sorry to hear that your daughter’s card got lost. If someone was able to deposit and withdraw money in her account this means that the account has been compromised and all your daughter’s personal details have been accessed. It’s important to let the bank know of this to know of the next steps to take.
Hope this helps!
Best,
Nikki
My disabled daughter’s checking account was hacked in a very unique way. First, they withdrew money through the ATM, then a large false deposit was made and on the same day they retrieved the money via ATM withdrawls, thousands of dls through a branch ATM. The bank even says my daughter made numerous calls to facilitate the transaction. She never did. She never had that kind of money, the bank investigated and CLOSED the accounts and said the charges are valid. The bank even sent her a Cashier’s check with an large sum of money that doesn’t belong to her. Does the bank check their cameras, phone calls when checking for fraud, because obviously they failed to do their homework. She is not taking the check. But what else to do? Thank you.
Hi Pucha,
Thanks for leaving a question on Finder.
It looks like you have exhausted all steps to resolve this with your bank. If all steps have been made and there is no resolution, you can contact the Federal Reserve. The Federal Reserve urges you to file a complaint if you think a bank has been unfair or misleading, discriminated against you in lending, or violated a federal consumer protection law or regulation. You can file a complaint online through the Federal Reserve’s Consumer Complaint Form.
You can also call or email Federal Reserve Consumer Help, the System’s central repository for consumer complaints and inquiries, and they will walk you through the process of filing a complaint and answer any questions you might have.
Although the Federal Reserve looks into every complaint that involves banks it regulates, it does not have the authority to resolve every problem. There are several federal agencies who handle complaints about banks and other financial institutions, so the Federal Reserve may connect you with or forward your complaint to another federal regulator.
I hope this gets resolved soon Pucha.
Cheers,
Joel
I was hacked. I’ve contacted the police and they’re tracking him down. He was a scam loan person trying to sell me on a loan and now he has all my banking info and my bank app he’s hacked it. I don’t know what to do. I have contacted the authorities. Any other advice please let me know
Hi Mallory,
Thanks for leaving a question on Finder.
It looks like you have exhausted all steps to resolve this with your bank. If all steps have been made and there is no resolution, you can contact the Federal Reserve. The Federal Reserve urges you to file a complaint if you think a bank has been unfair or misleading, discriminated against you in lending, or violated a federal consumer protection law or regulation. You can file a complaint online through the Federal Reserve’s Consumer Complaint Form.
You can also call or email Federal Reserve Consumer Help, the System’s central repository for consumer complaints and inquiries, and they will walk you through the process of filing a complaint and answer any questions you might have.
Although the Federal Reserve looks into every complaint that involves banks it regulates, it does not have the authority to resolve every problem. There are several federal agencies who handle complaints about banks and other financial institutions, so the Federal Reserve may connect you with or forward your complaint to another federal regulator.
I hope this gets resolved soon Mallory.
Cheers,
Joel
If my bank account is frozen what can I do if my creditors are needing to pay me and usually use my bank
Hi Kimberly!
Thanks for getting in touch.
I’m afraid no transactions (deposits/withdrawals) can be made while an account is frozen. You may opt to open a new account for the meantime so you can gain access of your funds from creditors.
Hope this helps!
Nikki