Dealing with a Hacked Online Banking Account
What is a Hacked Online Banking Account?
A hacked online banking account happens when someone gains access to your bank account without your permission. This could happen if your login details were stolen through phishing, smishing, or vishing scams, guessed due to weak passwords, or captured through malware on your device.
When criminals access your bank account, they may try to:
Transfer money out of your account
Set up new payees
Make purchases without your consent
Change your account details
Apply for loans or credit in your name
Because financial loss can happen quickly, it’s important to act immediately if you suspect unauthorised access.
Signs Your Banking Account May Have Been Hacked
Look out for warning signs such as the following:
Unexpected transactions – payments or withdrawals you don’t recognise.
New payees added – Unknown names appearing in your saved payees.
Security alerts from your bank – Messages about login attempts or suspicious activity.
You can’t log in – your password suddenly stops working.
Unexpected text or email confirmations – messages confirming payments you didn’t authorise.
Changes to your details – Address, phone number, or email updated without your knowledge.
Example:
You received a text message confirming a transfer to a new payee, but you didn’t set up any new payment. This is a strong sign your account may be compromised.
What To Do Immediately If Your Banking Account Is Hacked
If you believe your bank account may have been accessed without authorisation, please take immediate action. Every minute matters.
Quick Response Checklist
Contact your bank immediately
Use the official phone number from your bank’s website or the back of your card.
Tell them that you suspect unauthorised access.
They may freeze your account or block suspicious transactions.
Secure your account
Change your online banking password immediately.
Enable Two-Factor Authentication (2FA) if available.
Remove any suspicious payees or scheduled payments.
Check recent transactions
Please review your statements carefully.
Report any unauthorised payments to your bank right away.
Secure your email account
Your email is often linked to your bank account.
Change your email password and enable 2FA.
Scan your device for malware
If your login details were stolen through malware, they must be removed to prevent further attacks.
Contact Action Fraud (UK)
Report the incident to help authorities track fraud activity.
What To Do If Money Has Been Stolen
If money has been taken from your account:
Report it to your bank immediately
Many banks can stop or reverse transactions if reported quickly.Request a fraud investigation
If you confirm and report the fraud promptly, your bank may refund the losses.Keep records
Save messages, screenshots, and details of suspicious transactions.Monitor your accounts closely
Continue checking your bank statements for unusual activity.
How to Report Banking Fraud
Reporting helps protect both you and others.
Please reach out to your bank as soon as possible
In England, Wales, or Northern Ireland: report to Action Fraud.
In Scotland: report to Police Scotland.
If the scam involved phone calls claiming to be your bank, hang up and dial 159 to connect safely to your bank.
How to Protect Your Banking Account in the Future
Taking preventative steps can significantly reduce your risk.
Use strong, unique passwords
Avoid using the same password across multiple accounts.Enable Two-Factor Authentication (2FA)
This adds an extra security layer beyond your password.Never share banking details
Banks will never ask for passwords or PINs via email, text, or phone.Be cautious of phishing texts or emails
Always access your bank through official apps or websites.Regularly check your account
Make it a habit to review your transactions frequently.Use banking alerts
Many banks allow notifications for transactions or login attempts.
Real Examples of Online Banking Fraud
Understanding how attacks happen can help you detect them early.
Fake Bank Text (Smishing)
You receive a text saying your account is locked and asking you to click a link. The fake site steals your login details.Phone Call Scam (Vishing)
Someone calls, claiming to be from your bank, and asks you to transfer money to a “safe account".Malware Infection
You download an attachment that secretly captures your banking login details.
Online Banking Safety Do’s and Don’ts
Do’s
Do contact your bank immediately if you notice suspicious activity.
Do change your passwords as soon as possible.
Do enable Two-Factor Authentication (2FA).
Do review your account regularly.
Do report suspicious transactions quickly.
Dont’s
Don’t ignore unfamiliar transactions.
Don’t share PINs or passwords with anyone.
Don’t click banking links in texts or emails.
Don’t delay reporting fraud.
Don’t assume small transactions are harmless – scammers often test accounts first.
Get additional support
If you need further assistance or have concerns about your situation:
Contact The Cyber Helpline – If you've followed this guide and still have issues, get back in touch with us through our chatbot or helpline for further support.
Seek professional IT help - If you're not confident following these steps or the problem persists, ask a trusted IT professional or tech-savvy friend for help. Many local computer repair shops can assist with removing malware.
Donate
Your generosity makes our free support possible. Please consider giving today.
Without donations, we cannot keep our service free or provide help to the most vulnerable victims of cybercrime when they need it most. As a not-for-profit organisation, every donation goes directly towards keeping The Cyber Helpline up and running. Donate now and help us support victims of cybercrime.