I left Barclays Bank PLC after their appalling “Online security” screwed me over. I got my money back, others have been less lucky. I see Dr Ben Goldacre seems to be thrashing NatWest on Twitter for perhaps similar reasons. My advice is to stay away from all Online Financial Services, they are just too insecure at present.
If you must could I suggest the following top 10 tips:
1. Have a separate Mobile and Number for all your Online Banking apps.
2. Only communicate with your bank using PGP encryption. (they hate it but will put up with it. (Proton Mail is good). Never send anything personal information in the clear to anyone.
3. Use a Monzo card or like for all debit card transactions. Top it up with your Current Account. It makes fraud easy to spot.
4. Use a credit agency (although mine Experian dumped my Creds into the dark web).
5. Use haveibeenpwnd.com
6. Don’t use your Mother’s maiden name as the answer to that question. Change your date of birth and don’t answer any of those “your first” questions with anything that is true.
7. Use complex passwords, all different and secure with a password manager like Dashlane or LastPass. (Don’t be mean pay for a good one ).
8. Turn off all the Google spyware on your mobile and computer, or better still use FireFox Quantum. And if you use Safari then you’re beyond help (not really but Really).
9. Use Kill Disk to rewrite your hard drives or better still never throw one away and if you must throw them away Kill them, then destroy the disc and then chuck it.
10. Do not rely on “Phone Reset” to remove information from your phone when you get a new one.
If you do most of this, I think you have a good chance of not being hacked, scammed, tricked or worked over. And if you think I’m paranoid you need to stay in more and have a look at what the internet knows about your promiscuous online behaviour.