Most people imagine that robust technology and strong systems are the main barriers standing between their money and cybercriminals. In reality, your daily habits often pose the greatest risk to your security. Cybercriminals are not just targeting complex systems. Increasingly, they are focusing on individuals, exploiting predictable routines and small lapses in judgement.
Banks such as Absa Bank Ghana invest extensively in security systems. However, no amount of technology can protect against habits that leave personal information exposed. If you believe you are too smart to fall victim, you may actually be at greater risk from the latest tactics employed by fraudsters.
In this series, we will examine some of the most common digital habits that make people vulnerable when banking online, and how you can avoid them.
Digital Habit #1: Using Weak or Recycled Passwords
Your password is often the only barrier standing between your finances and a cybercriminal. If you are using something as simple as ‘123456’, ‘password’, or even your date of birth, you may as well leave your bank account open to anyone who wants to take advantage.
Weak passwords are still one of the most common ways that criminals gain access to online accounts. Many people assume their password is strong enough or feel safe simply because they haven’t yet been targeted. However, using the same password across several websites, or basing it on easily available personal information, greatly increases your risk.
The reality is that criminals do not need to hack into bank systems. They often purchase lists of stolen passwords from previous data breaches, then try those credentials on banking platforms. This technique, known as Credential Stuffing, relies on the fact that many people reuse the same login details for multiple services. Even a single breach – whether from a social media account, an email provider, or an online store – can put your financial accounts in jeopardy if you have reused your password.
Cybercriminals also exploit human nature. Many passwords are based on names of pets, birthdays, or favourite sports teams. This information can often be found on your social media profile, making it much easier for a determined criminal to guess.
The solution is to use long, unique passphrases for each account, particularly for your bank and email. A passphrase is simply a memorable sentence or a string of unrelated words that is difficult for others to guess but easy for you to remember. For example, a line from a song or a favourite book, combined with numbers and symbols, will be far more secure than a single word or your date of birth.
It is also vital never to reuse passwords between accounts. Each account should have its own unique password. In addition, wherever possible, enable two-factor authentication. This requires a second form of verification, such as a code sent to your phone, before anyone can access your account, even if your password is compromised.
Ultimately, the strength of your password is your first and most important defence against cybercrime. No security system can protect an account that is left exposed by weak or recycled passwords. Take the time to strengthen your passwords today, before someone else takes advantage tomorrow.
Digital Habit #2: Acting on Urgent Requests Without Verification
Every day, individuals across Ghana lose access to their accounts and personal information after responding to messages or calls that appear entirely legitimate. Phishing attacks (where criminals impersonate trusted organisations) remain one of the most effective tools in a fraudster’s arsenal. Despite growing awareness, these attacks continue to succeed because they succeed not because of ignorance, but because they exploit trust and urgency.
Modern phishing has become highly convincing. A scammer may send an email that looks exactly like one from your bank, complete with logos, familiar language, and urgent warnings about your account. These messages often contain links that lead to counterfeit websites designed to capture your login details the moment you enter them.
The threat is not limited to email. Vishing, or voice phishing, is now increasingly common. Here, a caller pretends to be from your bank or law enforcement, using sophisticated scripts to persuade you that your account is in danger. They may ask you to provide personal details, one-time passcodes, or other sensitive information under the guise of protecting your funds. In reality, the greatest threat comes from the person on the other end of the line.
Phishing works precisely because it targets your instincts. Criminals rely on urgency to prompt action before you have a chance to think. If you receive an unexpected message demanding immediate action, or if anyone contacts you requesting personal information over the phone, email, or text, you should treat this as a warning sign. Banks such as Absa Bank Ghana will never ask you to share your password or one-time codes in this way.
The best protection is to remain skeptical. Never click on links or download attachments from unexpected emails or messages, regardless of how convincing they appear. If you receive a message about your account, do not respond directly. Instead, visit your bank’s official website by typing the address into your browser, or call the number listed on the back of your bank card to verify the information. If someone phones you asking for sensitive details, hang up and contact your bank yourself using a verified number.
Cybersecurity is not simply about technology; it is about making decisions that keep you one step ahead of fraudsters. Pause before you act, question what you are being asked to do, and always confirm information directly with your bank. By doing so, you significantly reduce the risk of falling victim to these sophisticated scams.
Digital Habit #3: Using Public Wi-Fi Without Protection
Free public Wi-Fi is a common convenience, whether at a café, airport, hotel, or shopping centre. However, this convenience comes with significant risks for anyone using online banking or entering sensitive information over these networks. Many people don’t realise that public Wi-Fi is an easy target for cybercriminals looking to intercept personal data.
When you connect to a public network, your internet traffic can often be monitored by others on the same connection. One of the most common threats is the so-called man-in-the-middle attack, where a criminal secretly intercepts the information passing between your device and the internet. If you log in to your bank account on a public network, your username, password, and even financial details may be captured without your knowledge.
Another risk involves rogue Wi-Fi networks, which criminals set up using names similar to legitimate hotspots, such as ‘Free Café Wi-Fi’ or ‘Hotel Guest Network’. Once you connect to these, they can monitor your activity, collect your credentials, or even install harmful software on your device.
There is also a less obvious threat: charging your phone through public USB ports in places like airports or hotels. Some criminals use these ports to carry out what is known as ‘juice jacking’, which involves installing malware on your device through the USB connection. To avoid this, always use your own charger and plug it into a wall socket rather than a public port.
The safest approach is to avoid using public Wi-Fi for banking or any activity involving sensitive information. Use your mobile data or a trusted home network for financial transactions whenever possible. If you must connect to public Wi-Fi, consider using a Virtual Private Network (VPN) to encrypt your connection, making it much more difficult for criminals to intercept your data.
Remember, convenience should never come at the expense of your security. The risk of exposure on public networks is real, and cybercriminals often look for those moments when people are distracted or in a hurry. Take simple precautions to protect yourself, and never access your bank accounts unless you’re certain the network is secure.
End of Part One This concludes part one of our series on digital habits that ensure secure banking. In the next instalment, we will explore further risks and provide additional strategies to help you stay secure in an ever-evolving digital landscape.
********
The writer, Benjamin Abiemo, Head, Cyber Security Management, Absa Bank Ghana Ltd
DISCLAIMER: The Views, Comments, Opinions, Contributions and Statements made by Readers and Contributors on this platform do not necessarily represent the views or policy of Multimedia Group Limited.
DISCLAIMER: The Views, Comments, Opinions, Contributions and Statements made by Readers and Contributors on this platform do not necessarily represent the views or policy of Multimedia Group Limited.
Source link
