The banking industry was presented with numerous challenges as the pandemic spread across the nation and the world. Many banks learned just how capable their staff was to work from a location outside of the bank’s walls. When the right technology and safeguards are in place, telework can be a good compromise for many workers to be able to continue their important jobs while also having access to a safe work environment.

Digital banking provides faster processing of financial transactions, more convenience, and a model that allows for the continuation of a financial industry even in the face of a pandemic. However, digital banking makes banks vulnerable to cyberattacks. Banks are now facing fresh security challenges that were brought on or affected by COVID-19. Here is what you need to know about them and how to protect yourself.

Banks must learn how to properly train their staff on how to identify potential cybersecurity risks and how to respond to them. An emergency plan should also be in place at every financial institution that provides a blueprint to workers. First, however, security leaders must understand the potential threats:

The threats

Some of the most prolific cyberthreats banks are facing in light of the pandemic include identity theft, account takeover, malware automated threats and teleworking.

Identity theft

In 2018, there were 651,000 reports of identity theft. Identity theft is easier to commit online because there are fewer obstacles to this crime. For example, a person with a stolen credit card can often purchase products online that he or she would not be able to purchase in person because of EMV security (EMV is a set of international standards that defines interoperability of secure transactions across the international payments landscape). By being able to hack into a bank, a criminal may be able to steal the identities of several customers without ever coming into personal contact with the victim, making this a particularly attractive type of crime for a criminal during a pandemic.

Account takeovers

Account takeover occurs when a criminal accesses another person’s account and changes information about it, such as the address or email address associated with it. The real owner of the account does not receive updates about the account because the communication is rerouted to the criminal. Account takeover statistics show that this particular form of fraud has increased significantly over the last several years.

Malware automated threats

Another cybersecurity risk for banks is malware automated threats. These input malicious code through automated tools like internet bots. They complete many repetitive tasks and do not cost much to execute, making them particularly attractive to cybercriminals who can often reap significant financial benefits with a little associated cost.


Teleworking is another cybersecurity risk to banks. As more people must stay home to comply with government orders and to slow the spread of COVID-19, many bank workers are working remotely. If they do not have a secure network, criminals may be able to access sensitive data from these workers.

What can the banking industry do?

Have security procedures in place and communicate that to your customers. Before customers ever have to reset their password, be sure that you have communicated security procedures in place for customers to educate themselves.

Encourage customers to:

  1. Verify they are using the correct app or website before signing in.
  2. Educate themselves on spotting and preventing phishing scams.
  3. Avoid using public Wi-Fi to access online or mobile banking
  4. Use of multi-factor authentication.
  5. Regularly update passwords and avoid using one password for all banking sites and sign ins.