
As online banking services have become more popular, so too has online banking fraud. In fact, bank phishing scams have become one of the most common types of criminal activities on the internet. In addition to stealing login credentials for bank accounts, cybercriminals also steal credit and debit card information for their own financial gain. But how exactly do these cybercrimes work, and what implications do they have for the individual?

What is online banking fraud?

Online bank fraud essentially happens when a cybercriminal is able to steal an individual’s—or company’s—digital banking details and gain access to the associated bank accounts or credit cards. They then use this to their advantage, either siphoning money out of their account directly or otherwise perpetrating other types of financial fraud. Legally speaking, online banking fraud covers all manner of criminal activities carried out through a bank’s app or website. This includes illegally accessing someone else’s accounts to manage or transfer their money.

The highly digitized nature of modern banking gives attackers many different opportunities to execute these crimes. Despite banks taking more and more steps to secure their digital services and protect their clients’ accounts, the increasing sophistication of these attacks makes it exceedingly tricky to identify when these frauds are being carried out and difficult to prevent them.

How does bank scamming work?

Cybercriminals are using ever more sophisticated means to lure unsuspecting victims into inadvertently sharing their banking details and effect online banking fraud. Often, these attacks are multidimensional and incorporate a variety of techniques, so it becomes difficult to identify them. Because of this, it is essential that everyone who uses online banking services understand these attacks so that they can be on guard against them. There are two main types of online banking fraud: Account Takeovers (ATO) and Automatic Transfer Systems (ATS).

Account Takeovers

ATOs are digital banking scams where the cybercriminal takes over a bank account with stolen information. These attacks often involve social engineering techniques or malware, and the most advanced ones use both. Below are some of the most common methods cybercriminals use to carry out online banking scams and ATOs:

  • Phishing: In bank phishing scams, the phisher impersonates the victim’s legitimate banking institution and sends an email asking them to confirm their login credentials. Normally, the email has a link to a fraudulent website that mimics the bank’s real site—when the login details are entered here, the phisher can steal them. This is why banks regularly remind customers that they will never ask for sensitive information such as passwords or personal identification numbers (PINs). To increase the chance of success, the phishing email will often state that the bank account will be suspended or locked if the customer does not click to confirm their details.
  • Vishing: These attacks are similar to phishing, but are carried out by phone rather than by email. The attacker impersonates the victim’s bank on a phone call and dupes them into sharing their account details and logins by phone. This gives the attacker full access to and control over the account. In some cases, the attacker attempts to get certain personal details which can be later used in their online banking fraud schemes or gets the victim to directly transfer money to them.
  • Keyloggers: These are a particular type of malicious software—Trojans—that monitors the use of a computer keyboard. When it detects that the user is accessing a banking website that is on a preset list, it logs the keystrokes, effectively stealing the bank account’s login credentials so that the attacker can later access this account and steal funds from it.
  • Malware: Cybercriminals use a variety of malicious software to steal the information they need. These often begin as bank email scams that force the victim to download virus-ridden attachments to their devices, often without their knowledge. The malware then mimics authentic banking sessions and gets the victim to enter their details, which are then stolen by the attacker to perpetrate their scams. Some of the most popular malware used in online bank scams include Remote Access Trojans (RATs) which allow attackers to remotely control a device, Man-in-the-Browser (MitB) that intercepts data between a browser and bank app, overlays which also steal sensitive information through a website or app, and SMS sniffers which monitor SMS messages for OTPs.
  • Stealing passwords: In some cases, bank login scams can be carried out through brute force or dictionary attacks. These randomly guess passwords until they find the correct one, which the attacker can then use to gain access to the linked bank account.
  • Hacking Wi-Fi networks: Many internet connections are susceptible to hacking by cybercriminals. This is especially true of unsecured public Wi-Fi networks that have few safeguards in place. By hacking into these networks, the attackers can steal any information that is transmitted, including bank details.
  • SIM swapping: This particular cybercrime involves using social engineering techniques to steal the victim’s phone number and port it to a SIM in the attacker’s possession. This gives them access to everything connected to the phone number in question and often allows them to access bank accounts by receiving one-time passwords as part of a bank’s authentic multifactor authentication process.
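
The phishing item in the list above describes an email whose link leads to a lookalike site and whose text threatens that the account will be suspended or locked. The following Python check is an added example, not part of the original article: it flags links to hosts outside an allow-list, link text that displays one host while pointing to another, and pressure wording. The hostnames, the term list and the sample message are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumptions: placeholder trusted hostnames; pressure wording like the article's "suspended or locked".
TRUSTED_HOSTS = {"bank.example.com", "www.bank.example.com"}
URGENCY_TERMS = ("suspended", "locked", "confirm your details", "verify your account")
SAMPLE_EMAIL = (  # constructed sample, not a real message
    "<p>Your account will be suspended unless you confirm your details.</p>"
    '<a href="http://bank-example.com.login.invalid/auth">www.bank.example.com</a>')

class LinkCollector(HTMLParser):
    """Collect [href, visible text] pairs and all visible text of an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self.text, self._open = [], [], False
    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            self._open = True
            self.links.append([href, ""])
    def handle_endtag(self, tag):
        if tag == "a":
            self._open = False
    def handle_data(self, data):
        self.text.append(data)
        if self._open:
            self.links[-1][1] += data

def host_of(value):
    """Lowercase hostname of a URL or bare domain; '' if it cannot be parsed."""
    try:
        return (urlsplit(value if "//" in value else "//" + value).hostname or "").lower()
    except ValueError:
        return ""

def review_email(html_body):
    """Return findings for one HTML email body; an empty list means nothing flagged."""
    parser = LinkCollector()
    parser.feed(html_body)
    findings = []
    for href, label in parser.links:
        target, label = host_of(href.strip()), label.strip()
        if target not in TRUSTED_HOSTS:
            findings.append(f"link leads to untrusted host: {target or href}")
        # Only treat the label as a hostname when it looks like one (no spaces, inner dot).
        shown = host_of(label) if "." in label.strip(".") and " " not in label else ""
        if shown and shown != target:
            findings.append(f"link text shows {shown} but goes to {target}")
    body = " ".join(" ".join(parser.text).split()).lower()
    return findings + [f"urgency wording: {t}" for t in URGENCY_TERMS if t in body]
```

Calling `review_email(SAMPLE_EMAIL)` returns four findings: the untrusted host, the mismatch between displayed and real host, and two urgency phrases.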

Automatic Transfer Systems

Improvements in technology and cybersecurity mean that ATOs have become much tougher to execute. To work around this and continue perpetrating online banking fraud, cybercriminals developed new, automated techniques to execute the attacks efficiently and with a lower risk of the identity theft being detected. These are called Automatic Transfer Systems (ATS) and do not require the attacker to rely on bank login scams. Instead, these automated systems monitor a computer user’s activity. When the user logs into their bank account, this malware injects a script into the legitimate site and initiates money transfers that the user does not notice until it is too late. This negates the need for the attacker to harvest user information and get through multifactor authentication protocols.


Although the two types of online bank scams share the same goal, to steal funds and perpetrate financial fraud, they work quite differently.

  1. ATS attacks are executed automatically through malware. ATO scams require some manual work for the cybercriminal because they use social engineering.
  2. ATS malware requires careful calibration and must be tailored to the particular banking app. This makes these attacks far more involved, but also harder to detect.
  3. Because they work within legitimate banking apps and websites, ATS attacks simply wait for users to provide their login credentials, which means the attacks do not need to steal this information or worry about passing multifactor authentications.

Identity Theft Explained

Banking identity theft involves the cybercriminal stealing an individual’s identity to perpetrate financial fraud. By obtaining personal details such as names, birthdays, and social security numbers, attackers can initiate a wide array of actions. Bank account identity theft—and identity theft on a wider scale—can have severe and long-lasting impacts on the victims of these attacks. Some of these can include:

  1. Stealing funds from existing bank accounts.
  2. Opening new bank accounts, getting new credit cards, or taking out new loans in the victim’s name.
  3. Accessing social benefits linked to Social Security numbers, such as healthcare, social security payments, and unemployment.
  4. Ruining credit scores.
  5. Instigating tax fraud or stealing tax refunds.
  6. Causing defaults on bank loans, such as mortgages.
  7. Taking over any online account, including emails and social media profiles, and impersonating the victim to detrimental effect.
  8. Requiring the victim to spend vast amounts of time and money to try and recover their identity and clear their name.
  9. Ensuring the victim’s personal information remains on the Dark Web.
  10. Causing significant emotional and financial stress.

What are the personal ramifications of online banking scams?

Unfortunately, bank account identity theft can have major repercussions for the individual or company targeted by these attacks. Of course, the financial impact is a serious concern, but there are other implications as well that are important to consider.

Online bank scams can have significant financial consequences, which can be devastating for individuals and organizations alike. Depending on what information is stolen, the attacker can clean out bank accounts, close and set up new accounts, ruin credit scores, commit tax fraud, steal retirement funds, and impact mortgages. In dealing with the fallout of these attacks, victims may find themselves incurring even more financial losses through legal fees, for example.

Banking identity theft can affect the mental health of those who fall victim to the scams. A whole range of emotions can come into play when an individual realizes that they have fallen victim to an online banking fraud, from shock and anger to fear and helplessness. They can come under considerable amounts of stress as they try to piece things back together, and often feel the need to blame someone for allowing this to happen.

Is it possible to prevent online banking fraud?

In reality, it is never entirely possible to avoid banking phishing and other online scams. Of course, there are certain measures that can be taken to lessen the likelihood of their success or mitigate their impacts. Here are a few tips to keep in mind:

  • Always use unique login credentials across different bank accounts.
  • Enable multifactor or biometric authentication for an additional layer of security.
  • Never click links from emails—go directly to the bank’s legitimate website by typing the address into the web browser.
  • Ensure the banking apps on devices are genuine—download them from the bank’s website or trusted app stores and keep them updated.
  • Become familiar with the bank’s security and privacy protocols—for example, most banks state clearly that they will never ask for PINs.
  • Only log into bank accounts over secure internet or Wi-Fi connections, such as private home networks secured with WEP, WPA, or WPA2.
  • Review bank and credit card statements regularly and check suspicious transactions with the bank immediately.
  • Use virtual private networks (VPNs) to secure internet connections before logging into digital banking systems.
  • Protect devices with antivirus software and ensure these are always up to date and running the latest security patches.

Avoid banking identity theft

Online banking theft is becoming increasingly sophisticated and challenging to detect, and these attacks can have significant financial, social, and emotional implications for the individuals and companies who are targeted. Understanding what online banking scams look like and implementing digital security features and common-sense safeguards can minimize the possibility of cybercriminals executing account takeovers or infecting devices with ATS malware.
