Online Banking: Safety And Security Precautions

January 17, 2014

Printby Jeremy Miller, Technician
There are many avenues of attack when banking online safely. Many people simply use a computer that is attached to the Internet with little to no precautions at all. Some bank online even if they know there are issues with their computer or virus infections on their computer.

I will cover three levels of precaution that you can take to ensure your online banking information stays secure: simple, advanced, and paranoid. As the level of precaution increases, it will be more time consuming and difficult but worth it if you want to keep your online banking experience safe and secure.

Simple Precautions
To keep your information secure you must make sure that your computer is fully up-to-date with all Windows Updates and other software patches. Software vendors like Microsoft release security patches regularly to close exposed security holes in their software. Without patching hackers can use known-vulnerabilities to attack your computer.

Next you must make sure that you have anti-virus software installed and it is up-to-date with the latest virus definitions. You must also have your anti-virus run scans regularly to make sure the computer is clean of any known infections.

You should always look in the Uniform Resource Locator (URL) bar to make sure the web address you are accessing is the correct one. Also make sure that the first five characters are HTTPS.

This will ensure that your traffic is encrypted, which will make your entire web traffic look like gibberish. If your first characters are only HTTP and not HTTPS then hackers would be able to read your password in plain text.

Lastly, you must only do online banking from trusted-networks like your home network or in some cases your work network. Anyone else attached to your network has the possibility to access your bank information if they have the know-how.

To be sure you are on a secure network, you should not use online banking from public or free networks that anyone can access. When you do this you ensure that only you and your Internet Service Provider (ISP) can view your online traffic.

This will also protect you from man-in-the-middle attacks (MITM).These attacks are when a hacker is in between you and your target destination usually a router. Hackers using MITM attacks will be able to see all unencrypted traffic.

Advanced Precautions
You must ensure you are implementing all simple precautions, including a few more steps you can take to up your protection level.

Run a full virus scan before accessing your online bank account each time. Your system will be clear of known infections, plus it gives you significantly less risk of an infection since your last scan. A full scan looks at every file on your computer and checks it against a known virus database.

You can also configure Windows Firewall to prompt you before allowing traffic in or out of the computer, or you can install a software-firewall to scan your active Internet traffic.

The firewall will prompt you with pop-ups to ask if specific connections are allowed. This will allow you to approve or deny all traffic on your computer. Usually firewalls have different settings to allow you to choose the level of security this firewall will provide.

Paranoid Precautions
This is the most secure of the three and implements the previous precautions. It would be best to boot to a new operating system every time you need to access your online bank account. You need to know how to change your computers boot order and how to create a bootable USB drive or disk.

There are a number of free operating systems that you can load onto a disk or USB drive. WinPE will allow you to boot into a portable version of Windows. This will be a clean installation with no additional software installed.

You can also use the more widely available bootable Linux distributions as a clean bootable operating system to access your bank information. Ensure you are getting your distribution from a reputable vendor.

Most Linux distributions are free. Downloading a reputable vendor will ensure that there isn’t malicious software pre-loaded into the operating system.

If you are interested in enjoying a safer browser experience you can contact us and we can answer any questions or concerns as well as help you implement any of these precautions.

(Image Source: iCLIPART)

Filed Under: Online Security Tagged With: , , ,

Beware: Online Banking Phishing Schemes Are On the Rise

December 19, 2011

Banking online is a convenient and time saving way of managing and keeping track of your company’s finances.

Weak security practices, though, can make it more possible for cyber-thieves and hackers to steal your hard-earned money. It is important to make sure that all possible steps are taken to safeguard your company’s finances.

Online banking is a tool that many businesses utilize because of the ease, efficiency, and convenience it offers.

It’s a great way to manage finances in your day-to-day operations. Unforunately, as more businesses turn to online banking, cyberthieves and hackers who target small companies are becoming more adept at stealing from companies online.

Security experts are urging companies to beef up their security systems to keep them safe from cyber and identity theft.

The more companies rely on the Internet, especially when it comes to managing finances through online banking, the more prudent it is to take steps to prevent that hardearned money from being stolen or diverted to someone else’s account.

One tip experts give is to establish proper protocols for transacting with the bank, such as requiring two people to verify a transaction before it is approved.

This helps create a checks-and-balance system that hackers can’t bypass.

Having a dedicated workstation used for only online financial transactions is also recommended, as this lessens the likelihood of it being infiltrated by Trojans, viruses, spyware, and other malware that may come from the machine being used for other purposes.

Having the right anti-virus and antimalware software – and keeping it updated – also goes a long way in keeping your online banking transactions safe from unfriendly eyes.

Your finances are the lifeblood of your business. If you’re interested in how you can make your online banking experience more safe and secure, we’d be happy to sit down with you to discuss security solutions that are tailor-fit to your specific requirements and needs.

Give us a call at the office, (734) 457-5001.

Filed Under: Security, Tips Tagged With: , , ,

Online Banking: Five Steps To Protect Yourself

May 21, 2010

I was reading the Wall Street Journal website recently, and came across an interesting article about online bank fraud. The article was about a small business owner in California had over $100,000 stolen from his bank account.

He only recovered about $50,000 of it back. The other $50,000 went to a bank in Europe, where mules (someone who receives the stolen money) started to withdraw the money from the bank account.

How did this happen? The business owner had spyware on his computer that transferred his banking username and password to the hackers. I always shake my head when I read an article like this, because I know it could have been easily avoided.

Anti-virus and anti-spyware
The first step in protecting yourself is to make sure your computer has anti-virus and anti-spyware installed.

If you’re doing online banking, make sure that you’re using commercial quality protection – not something you download from the Internet for free.

The stronger your first layer of protection, the safer you are online.

We see computers every day that don’t have this simplest of protection installed; or, worse, the business owner has installed protection software, but then fails to keep it updated or renewed.

Unified threat management
The next step is to invest in a unified threat management (UTM) firewall. A UTM firewall is miles ahead of the simple DSL or cable routers you’d pick up at the office supply store.

They offer solid protection against viruses, hackers, spyware, and the host of other Internet dangers.

The device scans all Internet traffic in real time, and can protect you even before the anti-virus and antispyware vendors have updated their software for new attacks.

UTM firewalls can also implement web filtering and prevent the computer from reaching the intended attacker.

Web filtering can block access to websites that contain malware and spyware; it can also protect employees from going places they shouldn’t be.

Fortinet is our preferred vendor that makes firewall appliances that do what I describe above. A dedicated firewall and UTM appliance is very effective in helping prevent an attack such as this.

Block SPAM at the source
One of the sneakiest ways hackers can compromise your computer is through email, so you’ll want to look for a rock-solid spam filtering solution. Numerous cloud based (hosted) solutions exist that are very inexpensive. A good spam filter will keep viruses, phishing and other attacks from hitting your email. Reflexion is our favorite cloud based email filtering solution. The product is easy to use, well supported and extremely effective.

With online banking, phishing attacks are very common. Someone creates an email that looks like your bank in an attempt to collect information, you click on the link, and next thing you know, the hackers have your login and password.

Personally, I never open emails from my bank. Most banks will not contact you for important account information with email.

Perform regular maintenance
The fourth step to keeping your computers safe is patch management. Microsoft releases security updates for Windows nearly very week. Having a trained IT professional ensure patches are applied correctly – and quickly – will protect you from any security holes in the software that you’re running.

Most small businesses should look at one of our managed service plans, which provides you with “whatever it takes” service at a low fixed monthly cost.

Pay attention
The final step is a matter of common sense. Most people will go to potentially hazardous websites or click on something they shouldn’t have. My suggestion is if you are doing Internet banking, it should be on a computer that is used the least.

If you are going to go to questionable websites, don’t do it on the computer where you do your banking.

Filed Under: Antivirus, Online Security, Password Security, Security Tagged With: , ,