Log In
Register
Home
Topic RSS
Facebook
Twitter
Email this8:11 pm
November 8, 2009
Offline
obviously there,s lots of online banking happening and with that comes the crooks and bad guys who are trading in guns and masks for malware and viruses. Does anyone have any tips on what to do to keep from getting hacked and potentially becoming a virtual robbery victim with real world monetary consequences? I know about doing regular updates on software and scanning. Any other things to keep the bad guys out?
I recently heard that you can load an operating system like firefox onto a memory stick and use it only for banking so as not to expose it to malicious software and hacking attempts. Sounds like a good idea I was not aware of. Anything else anyone can think of?
10:30 am
1) Use Private Browsing to log into your bank account so that the browser cleans up traces such as cookies and such when you are done.
2) Avoid logging in from a tabbed window because it makes your session vulnerable to cross-scripting attacks from sites that are open in your other tabs.
3) Always type the bank's online website into the address bar or recall it from a bookmark to ensure that you are on the right site.
4) Only log into your bank account from a machine that you trust, not at an internet cafe or library, unless you are using an OS on USB stick that takes over the machine as kilarney describes. Privatix is a good example of this: http://www.mandalka.name/priva.....ex.html.en
1:28 pm
November 8, 2009
Offline
using a a security program that locks down all other applications and only allows the browser that is accessing a banking site has been another trick seen lately. Seems like a good idea to block all other programs as you do any secure transactions.
4:24 pm
Nice tips.
But here is the one I see a lot. (Andrew, your tips are great but also please note)
My tip is DONT type your bank in the URL bar, but instead use your favorite button or google your bank on other computers, as many scammers have the similar or typo sites with pages that look exactly like the real thing. So on this identical looking site you enter your username and/or password without knowing it isn't the real site.
EX you want AbcBank which URL is AbcDirect.ca but you type AbcBank.ca forgetting the often forgotten Direct in its URL, but beleiving AbcBank must naturally have the rights to this URL, or you type AbcDirect.com instead .ca or AbDirect.ca forgetting a letter, etc
All or some of these erroneous are used by a scammer with IDENTICAL pages to the real site. (Google knows this and prevents scammers from being on their top list)
8:10 pm
When I get to the log-in process and my online bank asks for my password;
I point my mouse first to the left side [i. e., point to the icon of the site] of the URL; when my mouse is on focus with the icon of the website for 1-2 seconds, a pop up message usually says : "This web site does not supply identity information" (this is the default message during the phase of "nonsecured mode" of websites.
I have to make sure the pop up message says:
"Verified by VeriSign, Inc."
or
"Verified by Thawte Consulting cc"
Then after that is OK, that's the time I type in on my password…
Please write your comments in the forum.