By now, most of us do at least some of our banking online. We have become accustomed to pulling out a smartphone to transfer funds, make deposits, or check on transactions. Every time we log onto our bank through the internet, it’s a risk and one that hackers are waiting for.
Besides the obvious dangers of online banking, there are some dangers you may not be aware of. If you connect to your bank accounts and credit card companies using a shared computer in your house, you may be at serious risk of hacking.
Kids and others using the computer may not take the same security and privacy precautions that you would, thus possibly infecting the computer with malware, ransomware, or spyware. Hackers can use these programs to track your online activity, steal credentials (including the login to your bank) and even capture keystrokes to record passwords or PINs, giving them everything they need to drain your accounts.
If you access your bank account using your mobile device and connect to a public Wi-Fi hotspot, you could be the victim of a man-in-the-middle attack where nearby scammers sniff out open connections and intercept the traffic, stealing logins and more.
There is nothing wrong with using the convenience of online banking; however, take the maximum precautions when doing so and follow the tips below for online banking best practices.
The absolute best way to avoid exposure of your personal bank accounts when doing business online is through a dedicated machine. KrebsonSecurity calls this a “clean computer.” Meaning that you wipe it out, completely reinstall the operating system and install very few additional apps. You can also use a Live CD approach (see below for instructions).
Make your dedicated computer “off-limits” to anyone else in the household. You cannot make exceptions here. One quick browsing session and the entire computer could be compromised.
You can also restrict traffic for this machine by using a tool like OpenDNS, where you set only specific URLs that the computer can visit, such as your bank and credit card sites. That way, you’ll never end up on a malicious website that infects your computer. You can also accomplish this using a host file, firewall rules, or other DNS tools.
Threat experts also recommend that you use a Linux or Mac operating system and not Windows. Windows is inherently susceptible to hacking, malware, and viruses. The majority of malware is written specifically for Windows machines. You can also use a Live CD to boot your Windows PC into a Linux or other operating-system mode while you do your banking. Since you are running the operating system off a CD and not a hard drive, your system cannot be infected during the session.
Other best practice tips for online banking include:
A live CD is a CD that contains a bootable copy of an operating system. You can then insert it into your computer CD drive and boot the computer temporarily using it as a new install. It’s a very clean way to boot the computer into a safe environment for performing banking tasks. You can then remove the disk and boot the computer regularly. Any malicious files installed on the machine won’t be able to interact with your session working off a Live CD. To learn how to create one, read this primer here.