Articles originally from Lancaster Rose Credit Union‘s Matt Steffy
When it comes to online banking best practices, there are plenty of ways to protect yourself, and your money, from possible fraud or compromise. Here at Lancaster Red Rose Credit Union, we want all our members to understand the threats out there and how they can protect themselves.
Here I’ll share the first 5 tips in my overall list of Top 10 Online Banking Best Practices that will help you perform online banking in a safer and more trusted environment.
1. Install Anti-Virus And Anti-Malware Software
This is the one strategy that I cannot stress enough. If you don’t have anti-virus and anti-malware software installed on your computer, I ask that you please not do any online banking on that system.
A computer without protective software cannot be trusted, as you have no way of knowing for sure if it’s been compromised or not. By installing anti-virus and anti-malware software and keeping them up-to-date, you’re keeping yourself protected while conducting online banking, as well as any other online activities you may do on that computer.
2. Go One Step Further: Install Anti-Exploit And Browser Integrity Software
On top of having anti-virus/malware software, you can protect your computer and online activities even further by installing anti-exploit and browser integrity software. This type of software actually protects your browser (and, optionally, programs such as Java, Adobe, etc.) from exploits that are used to infect computers with Banking Trojans and other malware.
Cyber-criminals use what’s called an ‘Exploit Kit,’ which attempts to serve malicious software to unsuspecting victims. If you should accidentally click on a malicious email link you could be taken to one of these exploit kits. Once there, the website will attempt to use multiple exploits on your computer, trying to find one that the computer is vulnerable to. These tactics can often bypass detection by traditional anti-virus/malware software.
3. Don’t Save Your Login Info
Whether you’re doing online banking from your home or work computer, get in the habit of not saving your login information, even if prompted by your internet browser. This is my suggestion for any website used for making purchases or accessing personal information.
While saving your login information may be more convenient, in reality you’re making yourself more vulnerable should your computer ever be compromised.
LRRCU’s online banking system (as well as many other online services that require a log-in) includes a feature that allows you to tell the site that you’re logging in from a trusted and personal computer. Make sure to only select that option if it truly is a personal computer that you trust.
4. Avoid Public Computers/WiFi
Avoid using public computers for doing any kind of internet activity that involves personal accounts, such as online banking, online shopping, or even Facebook and Twitter. For example, avoid computers at libraries, hotels, or schools for these kinds of online activity. You have no control over that computer and have no clue who has done what with it.
Also, when using your own laptop, tablet, or smartphone, make sure that when you conduct online banking that you’re doing so from a trusted internet connection. Using public WiFi connections should be treated the same as using the internet on public computers. You don’t know who else is connected to that WiFi and what they may be doing.
If you need to access your online banking while connected to a public WiFi, look into using a free VPN (Virtual Private Network) service like HotSpot Shield which allows you to have a secured and encrypted internet connection even while connected to an unsecured public WiFi.
5. Keep Software Updated
Keeping your computer software updated is critical to keeping your system protected. Cyber-criminals continue to look for vulnerabilities in commonly used software such as Java, Adobe Reader, etc. By not updating your computer software, you are opening yourself up to new vulnerabilities.
6. Be Careful With Your Personal Email
The most common way that people accidentally compromise their computer is by clicking on malicious links in emails and opening malicious email attachments. Again, cyber-criminals compromise computers so that they can steal sensitive information, such as online banking and other website credentials saved on your computer. The most common means of compromising computers is via malicious emails.
You always want to be careful when checking your personal email on a device you also use for online banking. Be cautious of vague emails from sources you are unfamiliar with. Don’t blindly click on links or open attachments from an email address of someone you’ve never been in contact with before.
Even if the email is from someone you know, if they send you a link or attachment and you were not expecting it, verify with them first that it’s legitimate. If an acquaintances’ computer or email account has been compromised, the exploit can push out malicious emails to everyone on their contact list in an attempt to lure more unsuspecting victims.
7. Create Unique Passwords
Make sure your online banking account is protected with a very secure and unique password. Do not use the same password for online banking as you do for other websites. What’s important to keep in mind is that if you’re re-using passwords, all it takes is one website to be compromised and the cyber-criminals now may have the credentials you used for online banking and elsewhere.
8. Verify HTTPS Connections
This is a simple, yet effective way to make sure you’re conducting your online banking through a secure connection. The difference between HTTP and HTTPS is that the ‘S’ indicates your session is secured via encryption.
A tactic used by some cyber-criminals is to use SSL Stripping tools that will attempt to force your internet browser to connect to a website using just HTTP instead of HTTPS. If they are able to do so, all the information you send through that HTTP session will be sent in ‘plain text,’ which means it’s easy to grab and intercept. So, when you’re logging into any website or service like online banking, check that the website address is showing that you’re connected through a secure HTTPS session.
9. Use a Live CD/USB
A Live CD/USB is either a CD or USB drive configured to boot up any computer into a secured and isolated environment. In situations where you need to use a public computer, this option allows you the reassurance that you’re using a safe and secure computer.
They work like this: you insert a CD/USB and upon rebooting the computer, you’re able to load a safe operating system that’s completely separated from the operating system installed on the computer you’re using.
While this subject is a lot more technical than can be explained in this blog, have a look at a Live USB device called ZeusGard that was specifically made for the purpose of conducting safe online banking no matter what computer you may be using.
10. Protect Your Phone
When it comes to doing online banking, many people are now starting to do more with their smartphones. Whether using your phone’s browser to access online banking or using a mobile app, you want to make sure your phone is safe.
As previously mentioned, do not save your login information on your phone. Protect your phone with an anti-virus software, if available, and make sure you keep the phone’s applications up to date. To better protect your personal information, configure your phone to be encrypted or at the very least put a passcode on the phone in case it’s ever be lost or stolen.
As you can see, there are a lot of ways you can be better protected when conducting online banking. While not all these online best practices may seem convenient, remember that these extra steps, and the time you take to better secure your online banking experience, are much easier than dealing with the headache of fraud. Your local credit union wants to help you keep your data secure. Find a credit union to join that will keep your money safe at asmarterchoice.org