Several years ago, I've worked with a very gifted teacher who wrote a wonderful IT&C manual that I've edited. As we were going through the final revision, she came up with the idea of adding a motto for each chapter. Although I was a bit reluctant at that time, eventually I agreed. And it turned out just fine, as the high school kids that actually used this book liked it too. A week ago, as I was reading an article about e-banking applications that aren't actually working on all types of browsers, I've suddenly remembered two of the most simple and apparently contradicting statements that my author used in her manual. One of them – “If you aren't on-line, you don't exist” – opened the Internet chapter. The other – “The only way to stay safe is off-line” – introduced the Security section. If we play a bit with their meaning and we are (not-so-fallaciously) speculating it, we get the following assertion: “As long as you are on-line, you are in danger”, which makes more sense than the sophism “You're safe if you don't exist”.
However, banks and e-commerce Web sites tell us a different story. That we are effectively safe and secure while we access on-line our deposits and accounts and that we shouldn't worry at all. If you don't trust me, listen to this guy. Fast forward to 15:10 and you will see that even a hacker says so. He's actually kidding and even banks and on-line merchants are partially kidding, no matter how reputable they are, by saying that everything is fine when it comes to e-banking and e-commerce. And mark my words, you shouldn't take that for granted. Why is that? For the same reason that you shouldn't cross a street without looking left, then right (or vice-versa, if you leave in UK and other places where traffic works in reverse), and even if the light is green (or says 'WALK').
If so, what should we do? Not using e-banking or e-commerce at all? It doesn't make any sense, especially for a 21st-century-extremelly-busy-and-technology-dependent-person right? Right. Well, I'm not saying that we shouldn't using them at all. That would be just as locking yourself inside the house and hiding under the bed because there are cars running outside on the same street you are supposed to cross. Just be careful. And here are some tips:
1. Use a dedicated machine. Get a cheap netbook, laptop or desktop configuration and use it solely for e-banking and e-commerce. Password-protect it, so that you limit the access (you wouldn't want kids to mess around with it), and always connect it to the Internet through a wired connection instead of WiFi to avoid traffic interception. Refrain from shopping or banking on-line from public computers or via wireless unsecured network connections, such as those in coffee shops or airports. Also, it would be a good idea not to buy or make any transaction while on bus, subway or any crowded places – one can never tell who's looking over your shoulder.
2. Ideally, your e-commerce/e-banking-dedicated machine should not run Windows – use a Linux distribution or MacOS. Don't get me wrong, I'm no one's advocate here, but as Windows is the most widely-spread operating system in the world, chances to get infected or compromised are higher. If you don't believe me, then read this story. However, if it is more convenient for you to run Windows or MacOS, then installing a security suite with at least a Firewall, Antispyware and Antimalware is a must. Check this out: BitDefender Facebook fans get 6 extra months of protection for free with the best defensive solution currently on the market, BitDefender Internet Security 2011! Pretty cool, isn't it? By the way, no matter what OS is on that machine, update it frequently. Do the same for your browser and for your security suite. It's crucial in keeping malware and attackers away from your system!
3. Beware of phishing or vishing attempts – banks and retailers will never ask you to change login credentials or other important account details on the phone or via e-mail and sms. If you have any suspicion, make a visit to the bank or try to call them back at the number provided in the contract or agreement you signed (for phone calls it will be a good idea to write down the name of the person who called you and ask for him or she, to see if that person actually exists within that organization).
4. As your Internet browser is your gateway to any on-line financial transaction, clean its cache before and after going on-line, regardless of your operating system. Empty cookies and all plug-in data, as well as all automatically filled data it may save. Disable Autocomplete and Save Passwords options. Moreover, you should refrain from storing any transaction details on your computer. Additionally, you may want to add a free cross-browser controller, such as BitDefender TrafficLight extension, to make your Web surfing even safer.
5. Use on-screen keyboard. Search for it in accessibility tools of your OS and click with your mouse the screen instead of typing on your keyboard. It can spare you the trouble of keystrokes being intercepted by keyloggers.
6. Always manually introduce the address of your bank or on-line retailer in the browser's address bar to avoid redirection towards phishing pages mimicking the genuine page. One single misspelled letter and you could end up handling to cybercriminals all your login credentials on a silver plate.
7. Before proceeding, make sure that the Web page where you enter sensitive data (user name, password, transaction confirmation number, credit card number, CVC and other data) is encrypted. Normally, you should see a locked padlock somewhere in your browser and a page prefix that is https:// in the address bar.
8. For e-banking, you should check with your bank for at least a two-factor authentication procedure – usually based on a security-token. As for online shopping, before making any transactions, enroll your credit card in a supplementary verification program, usually provided free of charge, such as 3-D Secure.
9. Add an insurance to your on-line transactions. It could cost you a bit extra, but it's worthing. Better safe than sorry/broke!
10. Always do some reconnaissance before subscribing or buying online. Find out what others have to say about the e-banking service you want to enroll or a Web site you want to shop from. Ask relatives, friends, your lawyer and bank adviser or simply search on the Internet.
Safe e-banking and e-commerce everybody!
All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.