As more and more of my friends are turning 18 this year, most of them have already taken ownership of their savings account. They now have a Credit Card and some of them are using it for online banking particularly to buy stuffs from eBay.com . That’s great but there are some important points to consider before conducting Online Banking Transactions.
First thing to consider, is your computer itself. Is it protected by a ‘good’ antivirus with anti-spyware/malware? Why? Well, know that malicious softwares are sometimes installed on your computer stealthily and record all your keystrokes; yaa ALL of them, including command keystrokes (Ctrl/Alt…) and obviously your passwords.
Secondly, is your connection to the Internet secure? Are you sitting on a public wifi network? Know that on public/open wifi network, anybody with a laptop and an antenna can sniff the communication between you and the Internet unless you are protected (which is not the case for most of us).
Fishing for good deals end up in phishing
Third, are you sure of the site? Have you been redirected to that page or did you type it yourself. Being redirected to ‘compromised’ pages is not new; this technique is known as phishing. The page looks identical to the original one, except that the page is not from eBay or Yahoo, but its for Mr.TheMaliciousHacker (not all hackers are bad guys :P) and then when poor Mr.You enters your credentials, you are doomed (euu not that much besides the fact that your bank statement shows that ‘you’ bought a dozen bottle of high-class whisky).
What is to be done?
- Install a ‘good’ antivirus on your computer/laptop. To start with, I recommend Avast Free Antivirus which requires only an email address for a 1-year renewable registration. I do not recommend cracked versions unless you know you are safe.
- Avoid free/open/public wifi connections for these transactions. Opt for your home network and also, go wired.
- Look for the small padlock in your browser (yaa browser!! NOT on the page only) and for a Certificate when browsing the payment page or any bank/transaction page. Do not access payment/transaction pages through redirects. Did I mention that URLs (Web addresses) can also be masked -in case you are thinking ‘ i’ll read the link first ‘
- Point to be noted: Your bank will never ever ask you for your password through Email !! Never ever believe an email saying that servers were down and they need to recover passwords or they give you a deadline after which supposedly your account will be disactivated. Don’t worry, that will not happen. Think of calling your bank’s customer service if you are not sure. A logo of the bank and the signature of somebody from top-management is not a proof that the request is legitimate (Hackers are also great designers, they can creat a more attractive/appealing/eye-catching than the bank’s marketing/customer relationship guy), nor are the random string of numbers that are supposedly used for security check.
- Foolish advices:
Never disclose your password to anyone, nor your PIN (even to your dog 😛 ).
Use secure passwords and hard to guess security questions.
Of course, there are soo many that can be written here, lots of other advices (more technical ones) that are to be followed, but the ones above are rather enough for a safe browsing/shopping and banking. Nobody likes to pay for stuffs he/she did not buy (except for some loved one or similar); i mean not Mr.TheMaliciousHacker’s 1 am pizza order with extra mozzarella from Azzip Hut.