Try to get an account with a bank that offers some form of two-factor authentication for online banking. Not all banks offer it but some will issue a small device that can be used to generate a unique code each time you log in. Others may offer an option to send you the code through text on your phone. This code is only valid for a very short period of time and is required in addition to your login credentials in order to grant you access to your account.
Make sure you create a very strong password for your online bank account. The best passwords are long and a mix of upper and lower case letters, numbers, and special characters. Avoid using any common words or phrases. Never create a password that contains your name, initials, or your date of birth. It is a good practice to change your password occasionally and to not reuse the same one for other accounts.
Financial institutions, and especially banks will never ask you to provide any of your login details through email. If you receive an email that appears to be from your bank that asks for such details, it is more than likely a phishing attempt to trick you into revealing your credentials.
Also be aware of links in emails that appear to be from your bank. When you click on them to log in to what you think is your account, you are actually logging in to a site that only looks like your bank’s site. Once you have typed your credentials, they can then steal your username and password and gain access to your bank account and its contents. The safest way to access your online bank account is by typing the address into your browser directly.
If your bank offers the option of setting up alert notification on your bank account, it is advisable to take advantage of this feature. You can set up alerts that will send you a text or an email if for example, a withdrawal exceeds a specified amount or if the account balance dips below a certain point. These alerts are a nice and fast way to monitor for suspicious activities on your bank account.
Once you have finished your online banking transactions, make sure to log out from the session and not just close the browser. This will reduce the risk from potential session hijacking and cross-site scripting exploits. It is also a good practice to set your browser to clear its cache at the end of each session.