Major Security Issues And Challenges

Security is currently one of the most challenging issues facing the banking industry. While technology and the internet have made banking convenient, they have also brought new challenges. This is why bank security is often tested in bank PO exams. Let us have a look.


Bank Security

In the current banking landscape, security is a major problem for the industry. One of the risks is cybersecurity. Security breaches lead to fraud and other such malpractices. The number of bank fraud cases is rising every year. Let us take a look at some of the major bank security issues we currently face.

Mobile Banking Risks

During the last five years or so, mobile banking has gained relevance in India. The volume of funds transferred through mobile banking has jumped 108% since last year. However, mobile banking has many security issues. For one, the safeguards put in place for online banking do not translate well to mobile apps.

Also, viruses on smartphones are quite common, and they can override the security settings in the app. Finally, the app needs constant updates so that bugs and viruses are taken care of. A user who does not update the app can be vulnerable.

DDoS Attacks

DDoS stands for Distributed Denial of Service. It is a coordinated online attack in which the perpetrators overwhelm the bank’s online system and database with a large number of requests and transactions. This affects the bank’s servers and slows down the whole banking process, so a consumer trying to avail any of the bank’s services cannot do so.


Phishing

This is a more straightforward bank security issue. Here fraudsters try to obtain your bank details via illegal and unethical means. They ‘go fishing’ for your bank details, usually by trying to scam bank customers over email or telephone.

The fake emails or messages warn about some imminent closure of the account or a security issue, and encourage customers to fill out a form with their bank details. One reason phishing is usually successful is that the emails and the forms feel authentic to the customers.


Spoofing

Here the fraudsters simply make a fake copy of the bank’s web page. They use the same logos, colour schemes, fonts and pictures to mimic the original page. The customer may get fooled and enter their details and passwords, which the website will capture. The fraudster will then use these details to rob the customer.

Corporate Account Takeover

This type of bank security threat targets business accounts. These accounts usually carry higher balances than a savings account and are thus a target for fraudsters. They target employees or executives and steal their credentials to gain access to the corporate account. They use phishing, malware and social media hacking to get to these credentials.

Sometimes they even gain access to the email accounts of senior executives to impersonate them and get relevant information from employees or the bank itself. This is known as Business Email Compromise.


Skimming

By this method, fraudsters use credit cards to gain your important banking details such as your account number and PIN number. When a customer swipes their credit card, a skimming device attached to the machine captures and stores the private banking information. The fraudsters then use this information to do online transactions or even change the PIN number of your card.

Solved Questions for You

Q: A hacker contacts you via email, and states that the bank has had a security breach. The mail asks you to follow the link and immediately change your password, or the bank will shut down your account immediately. Which of the following bank security threats are you facing?

  A. Phishing
  B. Spoofing
  C. Scamming
  D. None of the above

Ans: The correct option is A. When a fraudster contacts you with ultimatums such as “closing account” or “change password immediately” this is an indication of phishing. One way to protect yourself is to contact the bank personally and find out the authenticity of the mail.

Q: What method do fraudsters use to get your information from ATM machines?

  A. Spoofing
  B. Phishing
  C. Skimming
  D. DDoS

Ans: The correct option is C. In skimming, the fraudsters attach a skimming device to the ATM. So when you use your debit or credit card, it reads the magnetic strip and captures your banking information, like account number, PIN etc. Then it saves this information and the fraudsters use it to conduct theft.

Q: By using the method of Vishing, the fraudsters contact the customers of a bank via

  A. Email
  B. Telephone
  C. Bank Letters
  D. None of the above

Ans: The answer is B. Vishing is a combination of phishing and voice. The fraudster will set up a voice call over the internet (VoIP) and call numbers randomly in a given region. The automated call will make the customer believe that the call is from their bank. It will ask them to enter their details (such as credit card numbers, PIN number, date of birth etc). The fraudsters then use the details to commit fraud.

Q: Unwilling participants whose accounts are used to steal from other accounts are known as

  A. Phishers
  B. Scammers
  C. Money Mules
  D. None of the above

Ans: Correct answer is C. When the information is obtained, fraudsters use the accounts of a money mule to steal funds from bank accounts. These money mules then transfer the money to some other account for a commission. It is important to note that they are unwilling participants, who know nothing of the illegal nature of these activities. They too are victims of cyber crimes.

Q: One of India’s largest data breaches happened in which year?

  A. 2016
  B. 2017
  C. 2015
  D. None of the above

Ans: The answer is A. In 2016, nearly 3.2 million debit card users had their private information stolen. It was caused by malware found in ATM and POS machines provided by Hitachi Payment Services. SBI was the worst affected and it had to cancel 6 lakh debit cards for security reasons.

Practice Questions

Q: What is the purpose of a DDoS attack on banks?

  A. Steal information
  B. Introduce malware
  C. Phishing
  D. Overload the servers and make them non-operational

Ans: D

Q: A Trojan Horse Attack is a form of

  A. Security software
  B. Malware
  C. Spam
  D. None of the above

Ans: B

Q: Creating a hoax website to fool customers is known as

  A. Spoofing
  B. Vishing
  C. Spamming
  D. Trojan Attack

Ans: A


One response to “Major Security Issues And Challenges”

  1. athena says:

    ATM stands for Automatic Teller Machine, so saying ATM Machine is as redundant as saying Chai Tea
