If you feel that no bank account is entirely safe from scams and fraud these days, you aren’t being paranoid. 

Three in 10 bank customers experienced fraudulent activity on their accounts in the past year, according to a first-ever bank fraud study by J.D. Power, the consumer analytics firm. 

Some consumers sent money to scam artists with a payment app. Others found unauthorized purchases on their statements, or had money stolen from their accounts. 

Analysts at J.D. Power said fraud is proliferating in an era of peer-to-peer (P2P) payment apps and increasingly impersonal transactions.  

“You would never, as a consumer, take 100 dollars and hand it to a stranger. But in many ways, that’s how P2P works,” said Jennifer White, senior director of banking and payment intelligence at J.D. Power. 

Capitalize on high interest rates: Best current CD rates

Data leaks, such as the massive National Public Data breach, give scammers access to billions of Social Security numbers and other consumer data. A bad actor can telephone a customer, masquerading as a bank and armed with enough knowledge to sound convincing. 

“It’s easy to fall for this, because they have a lot of your personal information,” said Paul Benda, executive vice president for risk, fraud and cybersecurity at the American Bankers Association. 

'It's not just happening once'

The study, released November 7, found that 29% of bank customers experienced fraud in the last 12 months. Of that group, 45% had multiple incidents of fraud. 

“It’s not just happening once,” White said. 

Customers under age 40 were even more likely to fall victim to bank fraud.  

That might seem counter-intuitive, White said, given that younger Americans are digital natives. But they are also more likely to use payment apps, she said, making them potentially more vulnerable. 

The study revealed two other intriguing facts about American bank customers: We really like it when our bank solves a fraud case. And we don’t do a great job of protecting our own bank accounts. 

Nearly all bank customers, or 92%, said they were “likely to reuse their bank” after the institution resolved a case of fraud.  

Most fraud victims said they still felt pretty good about their bank. Only 17% said the experience left them with a negative impression.  

Customers are especially delighted, White said, when the bank discovers the fraud and makes it right.  

Bank officials concurred.  

“When we detect and prevent fraud or recover [funds] for our clients, they are super-satisfied,” said Jennifer Ehresman, head of consumer client protection at Bank of America. 

The study drew on survey responses from more than 20,000 bank and credit card customers.  

Bank customers don't always safeguard their own accounts

Its findings suggest banks may be more vigilant about fraud than their customers.  

“Banks spend literally billions of dollars every year on anti-fraud measures for your accounts,” Benda said.  

Nearly half of bank customers in the J.D. Power report, or 46%, said their bank had prompted them to take fraud-prevention measures in the past 90 days. 

But customers didn’t always help themselves. One-quarter of consumers said they had done nothing in the past 90 days to secure their accounts. Among those who did something, the most common action was to review recent transactions for suspicious activity. 

That’s better than nothing, banking experts say, but not much. Checking your transactions is reactive, rather than proactive, and doesn’t really protect your account. 

It seems harder than ever to keep ahead of the scammers. Nonetheless, here are some tips for bank customers to protect their accounts. 

Visit your security center 

Go to your bank’s website or app and look for a security center, “a location on the app where all your security settings can be viewed in one place,” White said. 

Most large banks offer security centers. Some will even guide you through the steps to safeguard your account.  

Manage your passwords 

Choose complex passwords that aren’t obvious: Not your birthday, or your dog’s name. Don’t use the same password for every account. Update them frequently.  

Many consumers use password managers, programs that generate strong passwords and store them securely.  

Obviously, if you get a warning that your password was compromised in a breach, find a new one. 

Set alerts 

Your bank probably has an alerts page, where you can choose to receive a text message or email if someone changes your password or contact information.  

An account alert can tell you about a withdrawal, declined transaction or any activity above a certain dollar threshold.  

Beyond passwords 

Many financial institutions use two-factor authentication as a way to double-check your identity.  

The obvious example is those numeric codes you get on your cellphone when you try to log in, in case someone has stolen your password. 

More institutions are using biometrics, such as facial-recognition and fingerprint software, to prove beyond any doubt that it’s you.  

Such measures “may take a little longer,” J.D. Power reports, “but the protection is worth the hassle.” 

Update your app 

Make sure you have the most recent version of your banking app on your smartphone. The app will usually tell you when it’s time to update. 

Go paperless 

Paperless correspondence saves time and effort. It’s also safer, security experts say, because there’s no paper trail for a criminal to follow.  

Don’t share your smartphone 

“Be careful with your phone,” said Ashwin Raghu, director and head of innovation and scam policy at Citi. “Because the phone is really the key to your kingdom.” 

Don’t share your phone, Raghu said. Don’t leave it lying around, unlocked, where people can access it.  

If you’re buying something on a payment app, complete the transaction yourself. Don’t hand your phone to the person making the sale. 

More:Scam losses worldwide this year are $1 trillion. How to protect yourself.

Beware of the unexpected

Be careful about answering an email, call or text that claims to be from your bank. The American Bankers Association lists five red flags:  

• A message with a link you weren’t expecting 
• Anything using urgent or fretful language 
• Any attachment 
• Any request for personal information, like a PIN or password 
• Anything that pressures you to send money on an app.  

“If you didn’t expect it,” Ehresman said, “don’t click on it.”