People who use online banking risk being the “easy target” of criminal gangs,
And the banks are “helping” imposters access accounts by not introducing stringent security measures.
The watchdog magazine Which? has accused some of Britain’s biggest financial institutions of “neglecting important security protections”.
A damning report claims major banks ignore basic internet security – even allowing customers to use passwords simple to crack.
One bank – Triodos – allowed genuine customers to have passwords like “1234567” and the word “password”.
Meanwhile, the HSBC, NatWest, Santander, Starling, the Co-operative Bank, and Virgin Money let customers use the first names of family and friends.
The report also criticised banks and building societies who use text messages to verify account holders’ identities when logging in online.
The system is said to be “outdated” and open to “hi-jackers”.
More than 42,000 people lost money to online banking scams in the first half of 2021 alone – double the number over the same period the prior year.