Are You Protecting Your Financial Data Online?

protect your financial data online

Banking is no longer confined to a brick-and-mortar building; these days, we have internet banking, mobile phone banking, and electronic wallets. As these options increase, the number of financial cyber attacks has also gone up. In 2013, banks were targeted in 70.6% of all financial phishing activities, way up from 52% in 2012, according to Kaspersky Lab.

With all these threats flying around, are you sure you’re keeping your accounts safe from prying eyes online? You should be extra vigilant when it comes to online security. Here are seven ways to protect yourself and your data online.

1. Make strong passwords (and don’t use the same one for all your accounts).

A lot of ‘how to make strong passwords’ guides online tell you that you should have uppercase and lowercase letters, numbers, and special symbols to have a strong password. What usually happens is you end up with something like “P4$sw0rd!”, which might be hard for you to remember, but easy for computers to guess. Studies show that password length is more important than password complexity when it comes to security.

For example, “D0g…………………” is a more secure password than “PrXyc.N(n4k77#L!eVdAfp9”, because it has one more character, which means it will take password crackers about 95 times as long to decode. And it’s easier for you to remember. (Don’t use that, though; it’s not secure any more. Instead, you can artificially lengthen your existing passwords with padding characters to make it longer and more secure: so instead of “P4$sw0rd!”, you can use “!—pas—swo—rd—!”. Use your own system of padding characters and get creative.)

To make better passwords for your online banking accounts, you can use password managers such as KeePass, 1Password or LastPass, which can generate strong passwords and remember them for you so you won’t have to remember them for each site you make logins for. Browsers like Safari and Chrome also offer to create strong passwords for you that you can sync across devices.

Or you can make your own strong passwords by following this guide from Microsoft. You can use How Secure Is My Password to check how long it would take for a computer to crack your password.

But making strong passwords isn’t enough — you have to make sure you’re not using the same password for everything, because once a hacker figures out your password to your email, they’ll already have the password to your online bank account.

2. Don’t post photos of your credit card online.

This sounds like a no-brainer, but yes, there are people who do this. The Twitter account @NeedADebitCard retweets people who post photos of their credit and debit cards, with all the numbers visible, exposing their accounts to thieves and scammers. Basically, don’t be this girl (the numbers have been blurred, but she didn’t blur them before posting):


Debit Card Fail

Don’t do what this girl did.


So if you’re itching to show off that new credit card, at least block out all the numbers before you put it up on Instagram. Or, just don’t post it. Your bank account will thank you.

3. Beware of phishing.

You might think that you’re clever enough to catch phishing scams, especially if you’re younger and more tech-savvy. But scammers are getting more sophisticated — enough to trick even so-called “digital natives”. A 2013 survey from North Carolina State University shows that out of 53 undergraduates chosen to distinguish phishing scams from legitimate messages, only 4 were able to identify the malicious emails. (Before the survey, 89% of them were very confident in their ability to distinguish between the two.)

Here are some quick ways to avoid being a phishing victim:

  • Before clicking on hyperlinks in emails, hover over it to make sure you know the website you’re visiting. (As an additional security measure, don’t click on hyperlinks sent to you by senders or institutions you don’t know.)

  • Banks will never ask their users for secure information, like usernames and passwords via unsolicited emails. If you get an email asking you to do this, send it to spam.

  • When logging into your online banking account, check that the address bar shows an “https://” rather than “http://” (usually there’s a padlock that shows up next to it, too, indicating that the site you’re visiting is secure). You can even click on this padlock to display more information and ensure that the connection really is to your bank and not to a questionable site:

BPI security certificate

A valid security certificate from BPI.


4. Use two-step authentication if available.

What’s two-step authentication, you ask? It requires not only a password, but also a code that is sent to your phone, to check if it’s really you. Gmail has this option, for extra security. If you turn two-step on, once you log on with a different computer with your username and password, there’s a second screen asking for a second code, which is sent to your assigned mobile phone number. This code is different every time, so you need your phone with you. So even if someone gets your password, they won’t be able to log in to your Gmail because they don’t have your second code.

Our local banks don’t have this yet, but PayPal supports it, so if you have an account there, turn two-step verification on. You should do this for your Gmail accounts too, especially if you have bank statements and other private data sent there.

5. Use virtual credit card numbers.

Some banks offer ‘virtual cards’ — these are tied to your main credit card, but have a different credit card number that can be used solely for online purchases. You can assign smaller credit limits to these cards so that if a hacker does get this virtual card number, they won’t be able to use it for very much. You can also immediately block that number if you suspect fraud, and your bank will issue you a new one. BDO, BPI, and RCBC all have virtual cards as an optional add-on for your credit card; if you do a lot of online shopping, get one as an additional layer of security for yourself.

6. Watch out for scams online.

A lot of Filipinos fall for these 10 online scams, ranging from PayPal to online dating to unsecure Wi-Fi hotspots that steal your information. Stay alert, never respond to unsolicited emails with personal data, and verify the identity of anyone you are doing business with online.

7. Check your accounts regularly.

Review your online statements with your bank often, to check for any discrepancies. Regular checkups can ensure that your financial house is in order, and just in case someone does hack your account, you can see it and put a stop to it right away. Report any suspicious activity to your bank immediately.


As the saying goes, an ounce of prevention is better than a pound of cure. Following these simple guidelines can help you stay more secure online, so you and your hard-earned money can rest easy.

Leave your comment