You are here: Home - Saving-Banking - Understanding -

Cyber-attacks and you; the Your Money guide

Written by:

On February 15th, internet security software giant Kaspersky Labs issued a report detailing how a global gang of cyber-attackers stole almost $1bn in two years, via infiltration of over 100 banks in 30 countries.

As cyber-attackers become more sophisticated, and the sums of money involved larger, many bank customers may ask themselves whether they could be hit. This guide helps you understand the ramifications of cyber-attacks, and offer some helpful tips for protecting yourself – and your money – from a cyber-attack.

What are the biggest cyber-attack threats?

In banking terms, perhaps the biggest threat facing the industry at present is a ‘zero day attack’.

A ‘zero day attack’ is a virus that has been developed for the express purpose of bypassing traditional banking security measures. As the virus is entirely new, it’s very difficult to erect defences to prevent it from accessing a bank’s records – and virtually impossible to spot before the damage is done.

Is my bank protected?

The British Banking Association estimates that the financial services industry collectively invests almost £800m annually in cybersecurity. Data for individual banks is currently unavailable.

However, banks have publicly entered into information-sharing agreements with each other, to assess common threats and vulnerabilities.

Is my bank going to do anything else to protect me?

In 2012, the Bank of England conducted an investigation into the ‘technology and cyber resilience’ of 36 major banks and financial institutions, and found no immediate shortcomings. Improvements were suggested, but the BoE was understandably reticent to discuss specifics.

However, the BOE has also invited financial institutions to enrol in a new, voluntary security examination, titled ‘Cbest’. ‘Cbest’ rigorously scans banks’ security systems to locate areas of susceptibility.

The British government has also announced that MI5 and GCHQ will conduct a series of ‘war games’, attacking big banks’ security systems and identifying areas of risk and weakness.

How can I tell if my bank has been cyber-attacked?

Unfortunately, banks are not obligated to inform their customers if they’ve fallen victim to a cyber-attack. Banks are only expected to notify customers who have been directly affected by an attack; even then, the full details may be withheld.

For instance, a common cyber-attack strategy is to withdraw very small amounts (say, £3) from a vast number of accounts. Affected customers may be informed that £3 was removed from their account by mistake, but the money returned, and the bogus withdrawal blamed on a technical fault.

How can I protect myself?

Alas, there’s nothing you can personally do to make your bank less vulnerable to cyber-attacks.

However, you should treat your own account information with extreme care. AGB Investigative offers cyber security services for you. Only in exceptional circumstances should you share your details with anyone. If you regularly make purchases online, only use sites you completely trust – and ensure your computer is equipped with adequate virus protections to prevent malware infecting your computer and recording personal information.

If you notice any unusual activity in your account, you should of course report it immediately.

What if my account is affected by a cyber-attack? Is there anything I can do?

Luckily, the Financial Conduct Authority’s guidance on cyber-attacks offers unambiguous –and robust – protection to those who are impacted.

In short, bank customers will not be held liable for financial transactions they have not authorised themselves. Customer deposits up to £85,000 are, in any event, protected by the Financial Services Compensation Scheme; any amount below that figure will be returned to you if it’s stolen from your account.

Furthermore, you may be entitled to compensation for any losses you have incurred, if your bank is found to have failed to take proper care of your personal information. The Authority also wields the ability to penalise your bank financially if the bank’s security systems and controls are judged to be inadequate for preventing or identifying online fraud.

Related Posts


There are 0 Comment(s)

If you wish to comment without signing in, click your cursor in the top box and tick the 'Sign in as a guest' box at the bottom.

Autumn Statement: Everything you need to know at a glance

Yesterday Chancellor Jeremy Hunt made his first fiscal statement in the role, outlining a range of tax measure...

End of Help to Buy: 10 alternatives for first-time buyers

The deadline for Help to Buy Equity Loan applications passed on 31 October. If you’re a first-time buyer who...

Moving to an energy prepayment meter: Everything you need to know

As households struggle with the soaring cost of energy, tens of thousands of billpayers are expected to move o...

What will happen if rates change

How your finances will be impacted by a rise in interest rates.

Regular Savings Calculator

Small regular contributions can build up nicely over time.

Online Savings Calculator

Work out how your online savings can build over time.

DIY investors: 10 common mistakes to avoid

For those without the help and experience of an adviser, here are 10 common DIY investor mistakes to avoid.

Mortgage down-valuations: Tips to avoid pulling out of a house sale

Down-valuations are on the rise. So, what does it mean for home buyers, and what can you do?

Five tips for surviving a bear market mauling

The S&P 500 has slipped into bear market territory and for UK investors, the FTSE 250 is also on the edge. Her...

Money Tips of the Week