[AI] 12 Tips To Protect Your Data While Doing Financial Transactions Online

sunilsangtani sunilsangtani99 at gmail.com
Sat Jun 5 15:22:30 EDT 2010


When was the last time you went to your bank, chatted with the teller
or stood in long queues to pay bills? If you don’t remember doing any
of this in the recent past you can very well call yourself a ‘Smart
Online banker’. With hectic schedules and long working hours, Online
Banking has become a boon for working individuals. But with growing
internet user landscape, socially engineered online security threats
like Malware and Phishing too are evolving. As per a recent CERT-In
report, 901 websites have been defaced in March as compared to 500 in
February this year.
Stats like this reinforce the need for consumers to protect themselves
when surfing online. If not protected it will be easier for hackers to
source your personal information, damage your PC with Malware or rob
you off your hard earned savings.
By taking some simple steps, you can dramatically reduce these online
threats. And can be rest assured that your hard earned money will be
protected.
How to do Internet Banking ‘safely’?
1. Be aware always. It is a good idea to register yourself to your
banks Mobile Banking service so that you keep receiving alerts
whenever there is a significant transaction made in your account. This
will also help you identify and report any transactions that are not
legitimate.
2. Know which website is safe. Malware attacks are rampant on the
internet and can compromise your data, privacy, and identity while
also damaging your computer and valuable personal data. By default
Internet Explorer 8 runs SmartScreen Filter that protects your
computer better by warning you when you attempt to view sites or
download files that are potentially unsafe. If the SmartScreen Filter
is active and you attempt to visit a website that isn’t considered
safe, the address bar turns red and prompts you to take alternative
actions. If it detects a malicious website, Internet Explorer 8 will
block the entire site. It can also provide a “surgical block” of
malware or phishing hosted on legitimate websites – blocking just the
malicious content without affecting the rest of the site. IE8 has done
over 560 million malware blocks till date which only goes on to show
the quantum of the problem consumers face.

Figure 1: IE 8 warns you about phishing scams. The title bar includes
the name of your bank, but the highlighted domain is not the bank’s
URL.

	

Figure 2: What you see when SmartScreen blocks sites and downloads
that have been reported as unsafe.
3. Identify fake web addresses. To overcome phishing threats you
should be very particular about the web addresses (URLs) that you are
typing on the address bar to avoid deceptive and phishing sites into
tricking you with misleading addresses. The Web address might look
very similar to the address of a legitimate business, with a minor
change. For example, instead of www.bankofindia.com, the scammer might
use www.bankofinda.com. The intent is to lure you into clicking onto
their Web site and giving your personal information, such as your
account number and password. Always check to see that you have typed
the correct Web site address for your bank before conducting a
transaction. Internet Explorer 8 users are aided by the feature Domain
Highlighting that lets you easily interpret web addresses (URLs) to
help you avoid deceptive and phishing sites. It does this by
highlighting the domain name in the address bar in black, with the
remainder of the URL string in gray, making for easier identification
of the sites true identity.

Figure 3: IE 8 highlights the domain in links you visit, so you know
where you’re really going.
4. Protect yourself from emerging threats. Cross-site scripting
attacks are one of the increasingly sophisticated methods online
criminals use to get your personal information. Cross-site scripting
attacks try to exploit vulnerabilities in the websites you use. In
this attack, you might receive an email that contains a tampered
website address. Once you click on the link, you are directed to a
legitimate website that has been compromised to contain malicious
content that can capture keystrokes and record your login and
password. By default Internet Explorer 8 helps protect you against
these attacks by detecting and disabling the harmful scripts with a
built-in Cross Site Scripting (XSS) Filter that is always on.

Figure 4: IE 8 detects potential cross-site scripting vulnerabilities
and disables harmful scripts.
5. Browse more privately. When you’re using a public computer to check
your bank account or for online payments, it’s a good idea to use
InPrivate Browsing – a feature that helps prevent your browsing
history, cookies, and other information from being saved on the
computer. If you’re using a public computer, InPrivate Browsing can
prevent information about your online usage from being abused by third
parties. An alarmingly growing phenomenon on the internet is tracking
of keystrokes typed into the browser you use, that allow for
aggregation of a record of browsing habits, and personal information.
The InPrivate Filtering option in IE8 enables users to gain greater
control and choice over what is displayed.

6. Always completely log off. It is important to completely log off
from your Internet banking session; simply closing the window you
performed the transaction in may not close the banking session. This
could mean that your session may become hijacked by a criminal and can
be used for illegitimate financial transactions. It is also advisable
to disconnect from the Internet if you are not planning to use it.
7. Know your mail. Never respond to unsolicited e-mail offers or
requests for information. Most of the banks do not use e-mail to
communicate any personal information or ask you to share your personal
data over email. Messages like “Verify your account”, “If you don’t
respond within 48 hours; your account will be closed” are all likely
to be identity-theft phishing scams. Be cautious about such mails and
do not provide your personal or financial information online. So, the
next time you get a mail from a bank asking you to update your credit
card information do not respond: this could be a phishing scam.
8. Make sure your bank Web site uses encryption. To confirm that a
site uses encryption when processing credit card information, look
for:
o An “s” after http in the Web address – it should read “https”
o A tiny closed padlock  in the address bar or lower-right corner of the window
o A green address bar – Internet Explorer 8 uses this to indicate a
trustworthy site


Figure 5: Example how you can confirm the site uses encryption in IE8.
9. Keep your Software Up-To-Date. The software you use and the
Internet itself can impact the security of your online activities.
Therefore, you should watch for security bulletins that warn you of
various security “holes” or “bugs” that may impact the software and
web browser you are using. It is very important to check the websites
of your operating system and web-browser for software “patches” and
“updates”. Some operating systems and software can be configured to
automatically check for new updates. At Microsoft, we continue to make
improvements to our software to help protect your computer. Visit
Microsoft Update to scan your computer and install any high-priority
updates that are offered to you.
10. Install & Update Anti-Virus Software. Your first level of defence
against phishing scams and other malicious humans or software is to
secure your computer. Always protect your computer by using up-to-date
anti-virus software that is capable of scanning files and e-mail
messages for viruses. Microsoft Security Essentials is a free download
which provides real-time protection for your computer against viruses,
spyware, and other malicious software.
11. Browser cache: You should be aware that Web browsers will store
information on your computer even after you are finished conducting
your online activities, this is called caching. Therefore, you should
close your browser once you are finished using the Internet,
particularly if you visit secure sites to conduct financial
transactions, check account balances or view any other information
that you regard as private and confidential. To clear your browser
cache, follow the below process:
o On your Internet Explorer
§ Go to “Tools”
§ Go to “Internet Options”
§ Select “General”
§ Click on “Delete Files” at “Temporary Internet files”
12. Change your password regularly. To protect your banking data, it’s
a good idea to create strong passwords and keep them secret. Also, you
should always change your online banking passwords periodically at
least every month.
The key is to be aware when you are surfing online and keep these tips
in mind. So, by upgrading your browser today, making sure the other
software on your PC is up to date, and learning how to identify and
avoid common attacks, you can better protect your computer and your
personal information.
[Thanks To Microsoft Consumer & Online For All The Information]



-- 
"Woods are dark and deep,
I have promises to keep,
And I have miles to go before I sleep."
sunil sangtani




More information about the AccessIndia mailing list