A massive attack on Tesco bank over the weekend has raised questions about the security of online banking
As many as 20,000 Tesco Bank customers have had money stolen from their accounts in a hack attack on the bank over the weekend .
Tesco has taken online transactions offline temporarily as a "precautionary measure" and has promised to refund any customers who have had funds stolen.
The root cause of the attack is still to be disclosed, but questions have been raised about the security of online banking.
As the use of online services has risen - with more than half of Britons using internet banking in 2015 according to the Office for National Statistics - so has the security around it.
The majority of banks in the UK, including Tesco Bank, now use what is known as two-step authentication, where users must enter additional security information beyond just a username and password.
Some even require an extra passcode sent to the user via text message in order to prove their identity.
The majority of hacks that take place occur due to criminals fraudulently obtaining user details. This predominately occurs by phishing, where emails and text messages are sent to users pretending to be from official sources but in fact come from hackers.
These look to steal details by either tricking users into following a link and entering them into a fake website, or the link will download malware onto a user's computer that then captures account details.
Banks advise customers to be vigilant over any emails they receive that appear in any way suspicious, and to avoid clicking on any links within them.
Most banks also say they do not ask for security details over email or text, and users should instead contact banks directly by phone to discuss account details.
Consumer group Which? has a list of seven points to help identify an attempted fraud, including being contacted out of the blue, an offer being too good to be true, and being pressured to respond quickly and with personal details.
The group also says users should look out for vague contact details, spelling and grammatical mistakes or being asked to keep the correspondence quiet.