Online banking safety.

[SecondCor521]

I walk to Valley Forge, PA every hour and use a one-time cipher that I purchase (with cash, natch) from the NSA bookstore to convey my 16,384 character user names and passwords to the desk clerk. So far so good.

 

[joe1964]

sucure pc...

I'm new here, been lurking for a few months, and had to but my 2 cents in for this topic since I'm a IT guy for 30+ years (currently 53 yo)

I only do banking on my work computer (after working hours normally) and thu works network, I have ungodly long passwords which are different for each site. Since its a work computer I never read those "pass along" email jokes that reach my email a lot, never go to a site that work would disapprove of and never public wifi. I have never ever, had a virus! (yet)

once I ER , I will have a PC just for banking etc, and another PC for email or surfing the net when im bored

 

[Rianne]

I'm new here, been lurking for a few months, and had to but my 2 cents in for this topic since I'm a IT guy for 30+ years (currently 53 yo)

I only do banking on my work computer (after working hours normally) and thu works network, I have ungodly long passwords which are different for each site. Since its a work computer I never read those "pass along" email jokes that reach my email a lot, never go to a site that work would disapprove of and never public wifi. I have never ever, had a virus! (yet)

once I ER , I will have a PC just for banking etc, and another PC for email or surfing the net when im bored

I only pay bills from my home iMac with our wifi. Never use outside wifi. Question: Are you vulnerable if you use outside wifi just for responding to texts or reading mail? Mail only I recognize and often don't open, just send to a folder.
2. If iPhone is compromised is the whole system compromised? I fear documents can be infiltrated. Once I encrypted everything which made my iMac burn out.

 

[Gotadimple]

I'm new here, been lurking for a few months, and had to but my 2 cents in for this topic since I'm a IT guy for 30+ years (currently 53 yo)

once I ER , I will have a PC just for banking etc, and another PC for email or surfing the net when im bored

So are you saying that firewalls don't work? I don't understand the need for a separate PC for banking. Do firewalls on your home network not protect your PC? Is data transmission (https on a secured website vulnerable? Should everyone install a VPN client on all PCs to protect from snoopers?


- Rita

 

[joe1964]

I only pay bills from my home iMac with our wifi. Never use outside wifi. Question: Are you vulnerable if you use outside wifi just for responding to texts or reading mail? Mail only I recognize and often don't open, just send to a folder.
2. If iPhone is compromised is the whole system compromised? I fear documents can be infiltrated. Once I encrypted everything which made my iMac burn out.

it depends, each virus is different, new ones all the time. I would guess that txt's are ok, (don't click on links) but emails , depends whats on it ! if the wifi is compromised then every that goes over the air is also read by the hacker.

public wifi can never be trusted , you don't know where the source is or if its run correctly, if you have an unlimited plan why risk it

example: if I visit a local bar, and see that its not using xfinitywifi that's always used for xfinity/Comcast. I start running my own from my iphone called xfinitywifi . Now any xfinity customers all auto connect to ME ! I then capture the name and password , gee I wonder if you pay for xfinity with a credit card lets see!

example: I wanted to steal some banking and 401k funds , I would go to a retirement forum to get alias/names for guessing names and passwords, don't use the same login names

I will say 98% of hacks start from email ...don't trust anything and never ever click on email .. and turn off html for emails (except work) because even that is tracked. (every email gets a different image, so at the server you can see what images have been downloaded, so they can tell if you have read the email or not)

 

[OldShooter]

Most incursions are due to successful "phishing" messages that trick a user into giving his/her password to the phisherman. Very few are due to the bad guy cracking a password. The perceived need for impossibly complex passwords is largely an OWT or, at best, a belief that history has obsoleted.

The best security uses physical tokens, biometrics, etc. that the bad guys cannot compromise.

Hacked routers, etc. are more of an issue for botnets and other thefts of computing power (like bitcoin mining), not for getting at people's bank accounts.

 

[target2019]

I walk to Valley Forge, PA every hour and use a one-time cipher that I purchase (with cash, natch) from the NSA bookstore to convey my 16,384 character user names and passwords to the desk clerk. So far so good.

Epic response. Thanks.

 

[CaptTom]

All sorts of solutions. But what's the problem?

I've used a number of Windows and Android devices and have used on-line banking since it first became available. I don't load questionable software, I run an anti-virus program on my Windows machines, pick reasonable (but not over-the-top) passwords and am very careful about what e-mails I open. I set my browsers to delete cookies on close, and run ad blockers and auto-run blockers. When I get an e-mail, especially from a bank or credit card, I never click the link. I just go to the (known, legitimate) web site by typing it in the address bar.

I really don't think hackers are going to invest the time and effort to make a targeted attack against me personally, the way they might a military installation. Very small return on investment there! They'll cast a wide net, either password guessing or some sort of phishing scheme. All I have to do is be smarter than the small percentage of suckers they're after.

For the record, I spent over 30 years in IT at a facility that's a very desirable hacker target. Some of those years were as the lead Information Security person on site.

 

[Bestwifeever]

If you really are connected directly to the modem, that is a very unsafe setup, as explained here.

https://www.howtogeek.com/183439/ask-htg-do-you-need-a-router-for-simple-single-computer-setups/

Ah, thanks—it’s actually plugged into the router.

 

[target2019]

All sorts of solutions. But what's the problem?

I've used a number of Windows and Android devices and have used on-line banking since it first became available. I don't load questionable software, I run an anti-virus program on my Windows machines, pick reasonable (but not over-the-top) passwords and am very careful about what e-mails I open. I set my browsers to delete cookies on close, and run ad blockers and auto-run blockers. When I get an e-mail, especially from a bank or credit card, I never click the link. I just go to the (known, legitimate) web site by typing it in the address bar.

I really don't think hackers are going to invest the time and effort to make a targeted attack against me personally, the way they might a military installation. Very small return on investment there! They'll cast a wide net, either password guessing or some sort of phishing scheme. All I have to do is be smarter than the small percentage of suckers they're after.

For the record, I spent over 30 years in IT at a facility that's a very desirable hacker target. Some of those years were as the lead Information Security person on site.

I think that the problem is humans tend to think of security as a one time deal, maybe the result of adjusting settings, having a router, etc. I would add that you are never 100% protected, and should use what's generally recommended, and know how to check whether updates and protections are effective.
Recent VPNFilter attack is a good example of how uninformed many users (and authorities) are. Stories referred to rebooting or hard reset the router to fix problem. However, this was un-necessary if you simply had a secure password in the router. It is actually more complicated, but most are not interested in these events and details.
Hackers are interested in one target or many targets. In my example, they modify or create malware that targets all vulnerable devices. Whether it is my router or a defense company router doesn't matter. This is a different problem than banking security, but same and similar vulnerabilities are involved. So protecting your home network requires awareness.

 

[KCGeezer]

+1 Cap’n Tom. I too worked in IT security for a number of years, common sense goes a long way IMO.

“I really don't think hackers are going to invest the time and effort to make a targeted attack against me personally, the way they might a military installation. Very small return on investment there! They'll cast a wide net, either password guessing or some sort of phishing scheme. All I have to do is be smarter than the small percentage of suckers they're after.”

 

[brett]

We bank from our home computer.

We change our passwords and they are alphanumeric with symbols. We don't open any joke emails, etc. We shred just about all of the non junk mail that does come our to our home.

 

[kcowan]

One thing I avoid is those tests on Facebook that always give you excellent results while stealing your personal information. Apparently, free flashlight apps for smartphones do the same thing.