Tag Archives: bank

Online Banking Do’s and Don’ts

banking2 While it’s true that the Internet, despite its fundamental design flaws, has the “potential” for safe and secure financial transactions, safe banking online relies on you making good choices, and decisions, that will help you avoid costly surprises, or even carefully crafted scams and phishing schemes.

Despite all the positive hype surrounding financial institutions’ system security, we have learned, much to our detriment, that there are no absolutes in computer system security.

The inescapable fact remains; you are your own best protection while conducting financial transactions on the Internet. So it’s important that you learn about, and take advantage of, the active security features offered by your financial institution.

Online banking 1

Examples of security features offered by financial institution:

Encryption is the process of scrambling private information to prevent unauthorized access. To remind you that your transmission is encrypted, most Internet browsers display a small icon on your screen that resembles a lock, or a key, when you conduct secure transactions online. Look for this symbol so that you have reason to believe your connection is, in fact, secure.

Passwords, or personal identification numbers, should be used when accessing an account online. Your password should be unique to you, and this is extremely important, you should change it regularly. Do not use birthdates or other numbers or words, that may be easy for others to guess.

Always carefully control to whom you give your password. For example, if you use a financial company that requires your password in order to gather your financial data from various sources, make sure that you are aware of the company’s privacy and security practices.

General security over your personal computer such as virus protection and physical access controls should be used and updated regularly.

Online banking 2

Tips on safe computing practices when conducting your online banking at home, or at a public computer:

Never leave your computer, even at home, unattended, once you have signed in to online banking.

After completing your transactions, ensure that you sign out, clear your cache, and close your browser. Often, it is easy to forget to sign out of an online banking session

Keep your password and card number safe. This seems like a no brainer, but surprisingly, many users do forget this critical step in the process.

Do not share, disclose, or provide your bank card number, or password, to another party, or website, other than your bank. Most banks will not send you an email requesting this information. If your bank practices this very unsafe routine; you should change banks.

Do not save your bank card number, or password, on a publicly accessed computer.

If you do use a public access computer such as at an Internet café or public library, (absolutely NOT recommended), to be safe, change your password after completing your session by calling your bank’s telephone banking number.

When selecting a password, choose a series of characters that cannot be easily guessed by someone else. The best passwords are made up of an alpha-numeric combination that are more than eight characters long, and a combination of capital and lower case letters.

Bank of America email scam

This is an example of an Online Banking email phishing attempt.

Final words – don’t use:

A password you use for any other service.

Your name, or a close relative’s name.

Your birth date, telephone number or address, or those of a close relative.

Your bank account number, or bank card number.

Do not share your personal verification question answers with anyone, and do not disclose them in any emails. It’s simple; giving your password answers to another person, or company, places your finances and privacy at risk.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

20 Comments

Filed under cybercrime, Don't Get Scammed, Interconnectivity, Online Banking, Online Safety, Windows Tips and Tools

PandaLabs Trojan Warning – FakeWindows.A, and UrlDistract.A

Courtesy of Panda Security: This week’s PandaLabs report looks at two new Trojans (FakeWindows.A, and UrlDistract.A), that try to trick users in order to steal their data.

FakeWindows.A is a Trojan that resembles a Windows XP activation process.

image

This malware can reach computers through email, or can be downloaded from a malicious Web page.

It tries to get users to believe that the operating system is requesting their data to activate the account.

image

In addition to personal data, the Trojan also requests bank details. On entering them, the program displays an error screen indicating it was impossible to
connect to the server. Consequently, in addition to making data theft
easier, users’ computers are blocked.

The UrlDistract.A Trojan, reaches computers through emails with an icon that resembles a video. When run, the Trojan silently steals users’ information, while it distracts them by opening a YouTube video called “Little Superstar” where an actor dances to the music.

image

The Trojan then connects to an address in Atlanta, and sends all the data
stolen from the computer.

More information about these and other malicious codes is available in the Panda Security Encyclopedia. You can also follow Panda Security’s online activity on its Twitter and PandaLabs blog.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Comments Off on PandaLabs Trojan Warning – FakeWindows.A, and UrlDistract.A

Filed under Don't Get Scammed, Don't Get Hacked, internet scams, Internet Security Alerts, Malware Advisories, Online Safety, Panda Security, PandaLabs, trojans, Windows Tips and Tools, Windows XP

Online Banking Safety Tips

banking2 As use of the Internet continues to expand exponentially, banks and other financial institutions have increased their use of the Internet to deliver products and enhanced financial services, or simply to improve communications with consumers.

The Internet, despite its fundamental flaws, does offer the potential for safe, convenient, and new ways to shop for financial services and conduct banking business, any day, any time.

While it’s true that the Internet has the “potential” for safe and secure financial transactions, safe banking online relies on you making good choices and decisions that will help you avoid costly surprises, or even carefully crafted scams and phishing schemes.

Despite all the hype concerning inpenetrateable system security, we have learned, much to our detriment, that no such inpenetrateable systems exist. The inescapable fact remains; you are your own best protection while conducting financial transactions on the Internet. So it’s important that you learn about, and take advantage of, security features offered by your financial institution.

Online banking 1

Some examples are:

Encryption is the process of scrambling private information to prevent unauthorized access. To remind you that your transmission is encrypted, most Internet browsers display a small icon on your screen that looks like a lock or a key, when you conduct secure transactions online. Avoid sending sensitive information, such as account numbers, through unsecured e-mail.

Passwords, or personal identification numbers, should be used when accessing an account online. Your password should be unique to you, and this is extremely important, you should change it regularly. Do not use birthdates or other numbers or words that may be easy for others to guess.

Always carefully control to whom you give your password. For example, if you use a financial company that requires your passwords in order to gather your financial data from various sources, make sure that you are aware of the company’s privacy and security practices.

General security over your personal computer such as virus protection and physical access controls should be used and updated regularly. Contact your hardware and software suppliers, or Internet service provider, to ensure you have the latest in security updates.

Online banking 2

(Click pic for larger)

Tips on safe computing practices when conducting your online banking at home, or at a public computer:

Never leave your computer unattended once you have signed in to online banking.

After completing your transactions, ensure that you sign out of online banking, clear your cache, and close your browser. Often, it is easy to forget to sign out of an online banking session

Keep your password and card number safe. This seems like a no brainer, but surprisingly many users do forget this critical step in the process.

Do not share, disclose, or provide your bank card number, or password, to another party or website other than your bank. Most banks will not send you an email requesting this information. If your bank practices this very unsafe routine; you should change banks.

Do not save your bank card number, or password, on a publicly accessed computer.

If you do use a public access computer such as at an Internet café or public library, to be safe change your password after completing your session by calling your bank’s telephone banking number.

When selecting a password, choose a series of characters that cannot be easily guessed by anyone else. The best passwords are made up of an alpha-numeric combination that’s more than four characters long and a combination of capital and lower case letters.

Bank of America email scam

(Click pic for larger)

This is an example of an Online Banking email phishing attempt.

Don’t use:

A password you use for any other service.

Your name, or a close relative’s name.

Your birth date, telephone number or address, or those of a close relative.

Your bank account number, or bank card number.

Do not share your personal verification question answers with anyone, and do not disclose them in any emails. It’s simple; giving your password answers to another person, or company, places your finances and privacy at risk.

5 Comments

Filed under Don't Get Hacked, Encryption, Interconnectivity, Internet Safety, Malware Advisories, Online Banking, Online Safety, Phishing, Safe Surfing, Spyware - Adware Protection, Windows Tips and Tools

Public Proxy Server Danger – Web Site Spoofing

spoofing In the article immediately following this article, “OperaTor and XeroBank – Surf the Internet Anonymously”, I stated, “You have a number of choices when it comes to anonymous surfing. You can use a free proxy server service; not my personal first choice – but that’s fodder for another article!”

Well, there’s no time like the present, so here is that article.

In some cases public proxy DNS’s, the database that associates numeric IP addresses, e.g. (206.4.XX.XXX) with URLs, have been known to have been modified.

The modification consists of changing the legitimate association for a fraudulent one, so that when users type a specific URL, they are redirected to a fraudulent page. For example, if users try to log onto their banking web site, the server could redirect them to a phishing site which resembles the legitimate page, but which is designed to steal their bank details.

The following graphic shows a spoofed banking site.

spoof

(Click pic for larger)

The danger of this type of attack is – even users with malware-free, up-to-date computers with a good firewall, etc. could easily fall victim to these attacks.

To reduce the risk of phishing attacks it’s important not to use anonymizer services if you’re accessing sites on which confidential data (e.g. online banks, pay platforms, etc.), is being transmitted.

It’s equally as important that you use a browser add-on such as WOT (Web of Trust), so that you have a first line of defense against this type of attack. I strongly recommend that you use WOT as your primary Internet Browser protection. For more information, read “Love WOT And It Will Love You Right Back!” on this site.

If you’re interested in learning more about web spoofing, there is an excellent article at Princeton University’s web site entitled Web Spoofing: An Internet Con Game.

4 Comments

Filed under Anonymous Surfing, Browser add-ons, Don't Get Hacked, Firefox Add-ons, Freeware, Interconnectivity, Internet Safety, Internet Safety Tools, Malware Advisories, Online Banking, Online Safety, Phishing, Safe Surfing, Software, Spyware - Adware Protection, System Security, Windows Tips and Tools