I belong to a forum for old geezers in motorhomes. This demographic is notoriously conservative/paranoid about online tracking and security but -paradoxically- flocks to online banking. Here is a paste of some links I've dumped on them:
http://247wallst.com/banking-finance/2014/10/05/jpmorgan-not-the-only-bank-hacked/http://lifehacker.com/chase-bank-hacked-info-stolen-for-83-million-accounts-1642063956http://money.cnn.com/2014/11/18/technology/security/congress-bank-hack/http://krebsonsecurity.com/tag/first-sentry-bank/>$50
AFTER you file fraud papers and wait. Been there. Except I didn't have to wait as I had a handwritten note on my signature card "No electronic transfers." I told Wachovia to have the $9k back in the account by 2pm. They did. (The US has since passed a banking law that trumps that signature card trick, btw.)
And only individuals are protected....
"In the United States, consumers have little to no liability if a computer infection from a banking Trojan leads to the emptying of their bank accounts -- provided that victims alert their bank in a timely manner. Businesses of all sizes, however, enjoy no such protection, with many small business owners shockingly unaware of the risks of banking online."
http://krebsonsecurity.com/tag/first-foundation-bank/And we haven't even talked about skimmers yet.
Your bank can take up to 10 days to reimburse money while it investigates fraudulent ATM or online use, and up to 20 days if the fraudulent transaction took place at a location such as a store or restaurant. In the meantime, your other legitimate transactions will not be covered. Not so bad if you're around home and can respond quickly. Traveling? S.O.L.
WSJ:
http://blogs.wsj.com/wallet/2009/03/27/help-my-checking-account-was-hacked/Gigaom:
https://gigaom.com/2013/08/07/how-scammers-drained-1700-from-my-bank-account-using-starbucks-cards/LA Times:
http://articles.latimes.com/2006/jan/01/local/me-lopez1The takeaway is that personal accounts have protection but it will be a PITA to resolve. Debit cards are a disaster waiting to happen and have less protection. Your ATM card is probably a debit card now, btw. After paper checks to vendors-known-to-you, Your safest bet is doing everything by personal credit card.
Business accounts and business credit cards have little or no protection. Even banks aren't very aware of this, particularly at the local service rep level. I was on the board of directors of a substantial bank and -even then, I couldn't get a solid, well-researched answer from the legal department without raising hell. If you have business c-cards, kill them or at least reduce the $-limit to act as a firestop. I carry separate personal cards with my business name on them. The cc bill is paid by the company but they are technically personal cards (with relatively low $-limits).
For either personal or business, I think the greatest risk is in "the last mile" rather than the banking system. Think that crackhead gas station attendant or waiter can't read your pin# keystrokes upside-down? Then there are skimmers and loggers on the electronic side.
(Brad ===>)
You pay -one way or another- for every convenience.