Excessive road banks are leaving prospects uncovered to cyber criminals by ‘neglecting’ their on-line safety, an investigation has revealed.
Shopper watchdog Which? stated it had uncovered ‘worrying flaws’, together with permitting customers to set insecure passwords.
It additionally discovered weaknesses throughout the web sites and software program utilized by some banks that may very well be ‘hijacked’ by hackers.
On-line banking fraud has rocketed through the pandemic as cyber criminals make the most of extra customers counting on web providers.
Criminals stole greater than £750million via financial institution scams within the first half of 2021 – up 30 per cent on the primary six months of 2020.The trade foyer group UK Finance final 12 months warned the surge had turn out to be a ‘nationwide safety risk’.
Which? examined the web and cell safety of the 15 largest present account suppliers.
Carried out with impartial safety specialists 6point6, the 4 important standards had been encryption and safety, login, account administration and navigation.
Criminals stole greater than £750million via financial institution scams within the first half of 2021 – up 30 per cent on the primary six months of 2020.The trade foyer group UK Finance final 12 months warned the surge had turn out to be a ‘nationwide safety risk’ (inventory picture)
Metro Financial institution acquired the bottom rating with 53 per cent, adopted by Virgin Cash (56 per cent) and TSB (59 per cent). HSBC was discovered to be essentially the most safe, scoring 81 per cent.
Safety flaws had been discovered throughout the login technique of a number of main banks. Six – HSBC, NatWest, Santander, Starling, The Co-operative Financial institution and Virgin Cash – let prospects select passwords utilizing their first title or surname.
Others had been discovered to nonetheless be utilizing textual content messages to confirm when prospects had been logging in – a course of that may very well be ‘hijacked’ by cyber criminals. This included TSB, Lloyds, Metro, Nationwide, Santander and The Co-operative Financial institution.
The watchdog additionally recognized potential weaknesses throughout the web sites of Metro Financial institution, First Direct and Lloyds, which ‘may enable hackers to compromise the server’.
An extra three – Nationwide, TSB and Virgin Cash – had been discovered to be failing to make use of software program that ensured spoof emails despatched by potential scammers had been blocked or quarantined.
Jenny Ross, of Which?, stated: ‘Banks should lead the battle in opposition to fraud, but our checks revealed worrying flaws on the subject of holding folks protected from the specter of having their account compromised.
‘Our analysis reinforces the necessity for banks to up their recreation on tackling fraud by utilizing the newest protections for his or her web sites and never permitting prospects to set insecure passwords.’
All of the banks named stated they took their prospects’ safety very significantly and continued to put money into enhancing protections.
All of the banks named stated they took their prospects’ safety very significantly and continued to put money into enhancing protections (inventory picture)