:quality(70)/cloudfront-eu-central-1.images.arcpublishing.com/xlmedia/GTFZXPDPP5AD3HG6FE256HIS64.jpg)
About a year ago, I was the victim of massive identity theft which included (among many other things) my bank account being hacked. Then, two months ago, my grandmother’s bank account was compromised.
In my case, the hackers didn’t get far off enough to actually take any of my money. But my poor grandmother wasn’t so fortunate as $11,000 was stolen from her bank account before she even realized what was going on.
I share these personal stories simply to show that I understand how much havoc can be wreaked when a bank account is hacked. But I’ve also learned a lot over the past year about how and why these things happen.
Below, we lay out the steps you should take if you discover your bank account has been hacked. We also share a few tips at the end that can help you avoid bank fraud altogether.
What to Do If Your Bank Account Is Hacked
You worked hard to earn the money in your bank. That’s why it can be frightening to learn when someone has access to your account who shouldn’t. Don’t panic, but do take quick action. Here are the next steps to take.
1. Contact Your Banks Fraud Department
Most national banks have a dedicated phone number for reporting fraud. If you still have your debit or credit card, you may find the number on the back. If your card is lost or stolen, you may be able to search for your bank’s fraud number on its website or via a quick Google search.
If you bank with a community bank or local credit union, it may not have a dedicated fraud hotline. In these cases, you may need to talk to one of your local branch representatives over the phone or in person.
Explain to your bank’s fraud team how and when you discovered the suspicious activity on your account. Your banker can walk you through many of the steps covered below, such as submitting a claim, canceling compromised cards, improving your account security, and more.
2. Submit a Claim If Money Was Stolen
Money can be stolen from your bank account in various ways. Sometimes the scammers move money out through bank transfers. But often they withdraw cash using an ATM card or make online or in-person purchases with compromised cards.
The latter example is how my grandmother’s hackers were able to steal the money from her account. Using her personal information obtained from a data breach, they were able to pose as her over the phone and convince her bank to mail them a new debit/ATM card.
If you’ve lost money in your bank account due to unauthorized activity, you can submit a claim for reimbursement. The quicker you act, the lower your maximum liability under federal law. The table below shows the most you can lose depending on when you report your hacked account to your bank.
| If you report a hacked bank account | Maximum liability |
|---|---|
| Before any charges or transfer are made | $0 |
| Within 2 business days of noticing unauthorized charges or transfers | $50 |
| More than 2 business days after noticing unauthorized charges or transfers but less than 60 calendar days after receiving your account statement | $500 |
| More than 60 calendar days after receiving your account statement | Potentially unlimited |
Once you’ve submitted a claim, your bank will typically have up to 10 business days to resolve it. If it still needs longer to investigate, it will generally be required to issue a temporary credit to your account (minus up to $50) and to resolve the issue within 45 days.
3. Cancel Compromised Debit Or Credit Cards
If you’re not sure where your debit or credit card is located, you’ll want to take immediate action to let your bank know. If you think it’s simply been misplaced, you may be able to place a temporary freeze on the card. But if you think (or know) that it’s been stolen, you’ll need to cancel it and have a new card sent out.
It’s important to note that your card information can be compromised even if the physical card is still sitting in your wallet. Skimmers at gas pumps or ATMs can capture card numbers and PINs completely unbeknownst to the user.
Be sure to check each statement carefully for any unauthorized purchases, both large and small. In my grandmother’s case, her hackers began by making a small ATM withdrawal that went unnoticed on her statement. Once they realized her account wasn’t being vigorously managed, they began making large withdrawals on a daily basis.
In addition to reviewing statements, regularly monitoring your account activity on your bank’s online portal or app can help you catch fraud faster. And you may want to consider setting a text alert for debit or credit card transactions that exceed a certain dollar amount.
Related: How to Cancel a Credit Card Without Hurting Your Credit Score
4. Consider Freezing or Closing Your Account
In many cases, canceling a debit or credit card can stop bank fraud in its tracks. When your account has been hacked due to identity theft, it can be more difficult to keep criminals from repeatedly accessing it.
For example, my bank account wasn’t hacked because of a lost or stolen card. Instead, the fraudsters accessed my account by providing my name and Social Security number (SSN) over the phone.
In these types of situations, it may be best to place a temporary freeze on your account until you can work through the identity theft issues. Or may you want to close the account completely and start fresh with a new account.
5. Set New Passwords and Pins
Once you’ve reported your compromised card and/or frozen (or closed) your account, you’ll want to change the password for your online banking. Try to choose a password that you’ve never previously used on any website.
You’ll also want to set a new debit card PIN. While it’s tempting to pick a PIN that’s easy to remember, keep in mind this could also make it easier for a fraudster to guess. For this reason, you’ll want to avoid selecting PINs that are based on things such as:
- Your birthdate (or the birthdate of a loved one)
- Your anniversary date
- Your Social Security number
- Your bank account or card number
And, while it may go without saying, you’ll also want to avoid simple patterns like 1111 or 1234. Setting a strong password and PIN is the minimum action that you’ll want to take to secure your account. We’ll provide several more security tips later in our How to Avoid Bank Account Hacking section.
6. Check Your Credit Reports
When identity theft is at the root of your bank fraud, you’re at significant risk of credit card fraud too. In my own case, the scammers who accessed my bank account were also able to open several credit cards in my name.
If you suspect your identity has been stolen, you’ll want to take immediate steps to protect your credit. Start by placing a fraud alert on your credit files. You’ll also want to check your credit reports with each bureau and dispute any fraudulent items. Learn how to check your credit reports.
7. File an Identity Theft Report
Filing an Identity Theft Report with the FTC only takes a few minutes and provides many benefits. You’ll get a custom recovery plan and pre-filled letters you can send to businesses and banks. And filing a report at IdentityTheft.gov often eliminates the need to file a police report as well.
Related: How to Avoid Identity Theft
How to Avoid Having Your Bank Account Hacked
It’s good to know what to do if your bank account is hacked. But avoiding bank fraud in the first place is even better. Here are four strategies that can help.
Related: Best VPN For Online Banking
1. Don’t Enter Sensitive Information Over Public Wi-Fi
As someone who loves to work at coffee shops, I know how valuable free public Wi-Fi can be. But there are also various ways that a hacker may be able to snoop on your computer activity or distribute malware to your device while it’s connected to a public Wi-Fi network.
Browsing the internet or working in a Google Doc while on public Wi-Fi is perfectly fine. But you’ll want to avoid visiting any financial accounts or entering sensitive information until you’re on a network that you know is private and secure.
2. Never Click on Links From Unsolicited Texts or Emails
Every day scammers send thousands of emails impersonating government agencies or other organizations. Some of these emails make outrageous promises, but others are more subtle in their approach.
For example, you may receive an email pretending to be from your bank or brokerage firm saying that you’ve been locked out and need to update your account credentials. Or you may receive an email that appears to be from a government agency explaining how to claim your coronavirus stimulus check.
These scams are called email phishing attacks. The goal is typically to get you to click on a link that will download malware to your computer or mobile device. Once the virus has been downloaded, the attacker may be able to steal your personal information and/or capture your keystrokes.
Never click on a link from a sender you don’t know personally. Also, be wary of downloading third-party apps to your phone as these can contain malicious software as well. Finally, run antivirus software if you suspect that one or more of your devices may be compromised.
3. Strengthen Your Account Security
I was made aware that my bank account had been hacked when I received an email confirming that my password had been changed. Alarmed, I called my bank’s fraud department and was told that the change had been initiated over the phone.
In my case, the fraudsters knew so much about me that they were even able to answer my security questions. Immediately, I knew simply setting a new password and PIN wouldn’t be enough to keep the hackers out. So I took two additional steps to raise my account security to the next level.
First, I added a security word to my account. Without speaking that word, no one (including myself) can make changes to my account over the phone. If your bank offers this type of security, I highly recommend it.
Next, I added two-factor authentication to my account. This means that every time I (or anyone else) logs into my account with my username and password, I receive a text message with a one-time code. So even if a hacker gets my login credentials, they won’t be able to access my account without physically possessing my phone too. Again, if your bank offers two-factor authentication, I recommend enabling it.
4. Protect Your Social Security Number
Hackers only need your name and SSN to commit all kinds of identity theft including hacking your bank account, opening fraudulent credit cards, filing a fake tax return to steal your refund, and more.
For these reasons, keeping your SSN safe is a critical step towards protecting your identity. Ways to protect your SSN include keeping it in a safe place at home rather than carrying it on your person and being very careful about who you share it with.
Keep an eye out for phone or email scams asking for your SSN. Also, know that even if you give your SSN to a legitimate business or provider, you’re still raising your risk of it being accessed in a data breach. If you’re being asked to provide your SSN, don’t be afraid to ask why and what will happen if you say no.
Finally, you may want to sign up for an identity theft protection service that can alert you whenever your SSN is used online or is found on the dark web. See our breakdown of the best identity theft protection services.
5. Get a VPN
If you want to protect yourself online, you should consider getting a VPN. And ExpressVPN is the world’s fastest and most reliable premium VPN service.
Cutting-edge encryption guarantees complete privacy, helping you access censored content safely and privately anywhere in the world. Connect up to five wireless devices simultaneously with unlimited bandwidth and enjoy ultrafast speeds for smoother video streaming.
NordVPN is another option to consider. In addition to competitive pricing, it is packed full of features such as:
- No-log policy
- Industry-leading speed for uninterrupted streaming
- One account can be used on up to six devices
- Compatible with mobile devices
- Dedicated IP
If you have safety and security concerns when browsing the internet such as when banking online NordVPN can put your mind at ease.
Bottom Line
No one wants to go through the ordeal of having their bank account hacked. But, thanks to federal protections, the good news is that you may be able to recover most, if not all, of any stolen funds as long as you act fast.
Keep in mind that some banks offer more security options than others. If you’re wanting to compare banking options, check out our best online banks and best free online checking accounts.
:quality(70)/s3.amazonaws.com/arc-authors/xlmedia/d73ec9df-f189-4d31-85b4-b3944ba29cbe.png)
:quality(70)/cloudfront-eu-central-1.images.arcpublishing.com/xlmedia/TQ4JGO7Y4ZBOTF2T4B5UM5CB3E.jpg)
:quality(70)/cloudfront-eu-central-1.images.arcpublishing.com/xlmedia/OTY2YAXWYVBB3PYJ5CI363WZZA.png)
:quality(70)/cloudfront-eu-central-1.images.arcpublishing.com/xlmedia/CVOEX2KJZZAK7DAGVSLY6F3JS4.jpg)
:quality(70)/cloudfront-eu-central-1.images.arcpublishing.com/xlmedia/AJZIXKKJ2FEOFFV2I2I4JPAWBQ.jpg)
:quality(70)/cloudfront-eu-central-1.images.arcpublishing.com/xlmedia/2QOLUPUU7FE4HDWCHFRVU56VMY.jpg)
:quality(70)/cloudfront-eu-central-1.images.arcpublishing.com/xlmedia/TQ4JGO7Y4ZBOTF2T4B5UM5CB3E.jpg)
:quality(70)/cloudfront-eu-central-1.images.arcpublishing.com/xlmedia/OTY2YAXWYVBB3PYJ5CI363WZZA.png)
:quality(70)/cloudfront-eu-central-1.images.arcpublishing.com/xlmedia/CVOEX2KJZZAK7DAGVSLY6F3JS4.jpg)