Blog article
See all stories »

Criminal Hackers Targeting Your Online Banking

 

Willie Sutton, when asked, "Why do you rob banks" he said "Thats where the money is!"  Why hack your online bank account? Because thats where the money is!

White Hat Hackers (good guys) probably never anticipated whats happening. There are more viruses out there than ever. Black Hat Hackers (bad guys) are in full force. Back in the year 2000 some have said the white hats were about a year ahead of the black hats in technology. Meaning it would take about a year for the bad guys to crack the white hats stuff.

Others research shows by 2004 the black hats were about 2 weeks behind the white hats. Here we are in 2009. In many cases the black hats are years ahead of the white hats. The good guys are losing. Badly.

Many of the new viruses sit on your hard drive dormant, waiting to be “woken up” when they are signaled. Many of these Trojans are designed to sniff out when you are banking online. They sit and wait, then stike when you log on.

Consider that in our own bodies we already have numerous viruses that come alive when our immune system is down or when its woken up by coming on contact with another. Your PC is no different, there’s often something lurking in there. We get viruses on our PC simply by visiting a website, clicking on a link or downloading a program we think is clean, and many many more ways.

Studies show the amount of viruses quadrupled from over 15,000 in 2007 to almost 60,000 in 2008. The problem is the technology of the criminal hacker has evolved and is further evolving faster than the white hats. This means you have to be on your game. Don’t let your guard down and stay informed.

Basic stuff, again - basic;

Run Windows Update; Or it may be called “Microsoft Update” on your PC. This is a free update to your operating system that Microsoft provides. There are two ways to access this. Either click “Start” then “All Programs”, scroll up the menu and look for the link “Windows Update or Microsoft Update”. Click on it. Your browser (Internet Explorer) by default will launch taking you right to Microsoft’s Windows Update web page and will begin the process of looking at your PC and checking to see what security patches you don’t have. Follow the prompts and click “Express” and let it lead you in the direction it wants. The goal here’s for XP is to end up with “Service Pack 3” installed. Or go to “Control Panel” and seek out “Security Center”. And click “Turn on Automatic Updates” and let Microsoft do this automatically. In Vista the process is similar and your goal is “Service Pack 1”

Install Anti-Virus; Most PCs come with bundled anti-virus that runs for free for 6 months to a year. Then you just re-up the license. If you don’t, then every day that the anti-virus isn’t updated, is another opportunity for criminal hackers to turn your PC into a Zombie that allows your computer to be a Slave sending out more viruses to other PCs and turning your PC into a Spambot selling Viagra. You can also install a different anti-virus program for a fee or free. McAfee is great, Symantec is loosening their grip on the “bloatware” and getting better. Avast is free and good, but free scares me. Free means you have to manually scan your PC and most people don’t do manual very well. Theres also a paid version.

Install Spyware Removal Software; Most anti-virus providers define spyware as a virus now. However it is best to run a spyware removal program monthly to make sure your PC is rid of software that may allow a criminal hacker to remotely monitor you’re keystrokes, websites visited and the data on your PC. I like Lavasofts Ad-Aware Free www.lavasoft.com. There are plenty of good ones.

Run Firefox or Chrome; Microsofts Internet Explorer is clunky and the most hacked software on the planet. Mozillas Firefox is less hacked and more secure. The jury is still out on Googles Chrome browser, but it’s sweet! Maintain the default settings keep the pop-up blockers and phishing filters on.

Secure Your Wireless; If you are running an unsecured wireless connection at home or the office, anyone can jump on your network from 300-500 feet away and access your files. Serious. The router has instruction on how to set up WEP or WPA security. WPA is more secure. If this is a foreign language to you, then hire someone or get your 15 year old to do it.

Install a Firewall; Microsoft’s operating system comes with a built in firewall. But it is not very secure. Go with a 3rd party firewall that is prepackaged with anti-virus software.

Use Strong Passwords; Little yellow stickys on your monitor with your passwords isn’t good. Use upper case, lower case, alpha-numeric passwords that you change up every 6 Months.

PLEASE, you other security dudes or dudets, chime in. We need your guidance too.

Robert Siciliano Identity Theft Expert discussing online banking Here

 

4133

Comments: (2)

A Finextra member
A Finextra member 26 February, 2009, 07:53Be the first to give this comment the thumbs up 0 likes

Basic stuff, again - basic;

Run Windows Update;

 - remember to reboot about 5 times during the updates

 

Install Anti-Virus;

- and pay $ or £ or € for it unless you manage to find a reliable free alternative (Avast!) on the web.

- remember to reboot after the install

 

Install Spyware Removal Software;

- and pay $ or £ or € for it unless you manage to find a reliable free alternative on the web.

- remember to reboot after the install

 

Install a Firewall; 

- and pay $ or £ or € for it unless you manage to find a reliable free alternative (ZoneAlarm) on the web.

- remember to reboot after the install

 

... or you could just buy yourself an Apple. 

Or if you wish not to spend any more $ or £ or € and hours of your valuable time on patching your insecure operating system, visit http://www.linux.org/ and get you copy of malware freedom. 

Cedric Pariente
Cedric Pariente - EFFI Consultants - Paris 01 April, 2009, 16:39Be the first to give this comment the thumbs up 0 likes

No need to pay $ when you want to have a basic security.
And most of the users do not even have these basic tools to ensure a safe usage of their computer.

There are tons of good free products out there that would be sufficient for most of the users.

The recommendations of Robert Siciliano are very good and you can follow them without having to pay a dollar for something you do not understand.

Antivirus:
Avast
Avira AntiVir Personal Edition

Firewall:
Comodo
Online Armor

Browser:
Google Chrome is the most secure browser so far.
The sandboxed architecture using the security model of Windows is pretty hard to bypass even for an excellent security expert (white hacker) such as Charlie Miller.
An alternative to it would be Firefox which is the 2nd most secure browser.
And if you want to add another layer to it, you might run it in your own Sandbox model with a software like Sandboxie.

Addware/Spyware/Scumware remover:
SuperAntiSpyware is definitely the best.
MalwareBytes Anti-Malware is a good complimentary tool.

Intrusion Prevention and Detection Utility:
Threatfire is a very good first choice.
DriveSentry has excellent default settings for novice but is also highly configurable for experienced users.

 

Of course, a regular Windows Update as well as Security Tools updates are more than recommended.