Your bank account number may seem harmless to share, but scammers can use it for fraud and scams. And although a single number doesn’t always unlock your account, it may still open the door to unauthorized transactions, cybercrime or identity theft. We’ll cover the risks of a hacked bank account, how hacks happen, what to do if a hack occurs and how to help protect your information moving forward.
What are the risks after your bank account is hacked?
After a bank account is compromised, potential risks may include:
- Unauthorized ACH transfers, where fraudsters set up transfers that work like a reversed direct deposit, pulling funds out of account
- Check fraud, including forged or altered checks created using your banking information
- Unauthorized deposits or withdrawals, made by using your account and routing numbers
- Phishing scams, where criminals use stolen account details to create convincing emails or phone calls to obtain additional sensitive information
- Increased fraud risk, as access to personal details and routing numbers can be used for further unauthorized activity
How do bank accounts get hacked?
Scammers use your passwords, Social Security number, account numbers and other private information to hack your bank account, and they can obtain that data in several ways:
- Phishing emails or texts that trick you into clicking on dangerous software or giving up sensitive information
- Harmful software called malware or fake apps that get installed on your device without you realizing it, helping hackers access your sensitive data
- Key loggers or programs that log your keystrokes when you type a password on your device
- Easily guessable passwords or reused passwords that, when stolen, unlock multiple accounts
- Data breaches, when hackers execute a cyberattack and enter a system, network or database to gain access to sensitive financial or medical information
How is AI used in cyberattacks?
Easily accessible AI tools may help hackers create phishing emails that look more realistic, making it harder to spot when someone is pretending to be your bank or another trusted company. They might also help a fraudster clone voices or videos, so the scammer better resembles a family member or coworker asking you for sensitive information. In some cases, AI may even be used to generate malware designed to steal passwords, putting your accounts at risk if you click a bad link or download the wrong file.
Whether your account was compromised using AI or more traditional methods, the next steps are largely the same.
What to do if your bank account is hacked
If your bank account has been hacked, you’re not alone. Internet crime can affect anyone, but there are a few practical steps you can take to protect your account and regain control:
- Contact your bank immediately to report the fraud and freeze any affected accounts
- Change the passwords for all compromised accounts and enable multifactor authentication (MFA) as soon as you can
- Review your credit report, bank account and credit card statements to catch any unauthorized transactions or activity and file disputes
- If you’ve suffered identity theft and a criminal used your data without your permission to steal money, receive insurance or take out loans, file a report with the Federal Trade Commission (FTC) immediately
- Know that you can request that the 3 major credit bureaus place a fraud alert on your credit reports to help prevent fraudsters from taking out credit in your name
Even if you follow all these steps to regain security, it’s still normal to be upset or wonder who accessed your information and why.
Can you find out who hacked your bank account?
Cybercrime knows no borders, and agencies define it differently, which can make tracking offenders slow and difficult. And since cybercriminals can stay anonymous using location- and identity-masking software from anywhere in the world, uncovering their identity can be challenging. That’s why financial institutions and law enforcement may focus more on recovering funds and ramping up security rather than finding and prosecuting a scammer.
How to help protect your bank account from future threats
You’re not helpless against hackers, and these proactive steps can help deter them:
- Create and regularly update strong passwords: Always use unique, hard-to-guess passwords to help block hackers
- Turn on MFA: Add multiple security layers by requiring a code or some type of authorization each time you log in
- Avoid clicking on suspicious links: Scrutinize any and all email and text attachments or links that come your way, even if they claim to be from your bank or local authorities
- Check your accounts often: Regular credit report and account monitoring may help you detect fraudulent activity before it gets worse
- Only use secure networks: Only log in through private Wi-Fi and sites with “https” and a lock icon in your browser whenever you’re banking or using the web generally
Disclosure: This article is for general educational purposes. It is not intended to provide financial advice. It also is not intended to completely describe any Citi product or service. You should refer to the terms and conditions financial institutions provide for various products.