Discussion on:
View:
Show:
Do you risk on-line banking at a public Wi-Fi hotspot? If so, how do you go about it? It's not fair to say that you burrow through the company's VPN out to the the Internet either.
I've seen several innovations from financial instituions to prevent Phising and other types of hacking.
For example, my ING account has a numerical pin number. When logging into the account, the website displays a normal 10-key number pad with random letters for each number that change. You can either click the numbers or enter the corresponding letter. Anybody sniffing your key strokes wouldn't get through with the same set of keystrokes.
Doesn't this kind of security eliminate the possiblity of sniffing through public Wi-Fi?
Other banks have set up ways to send you a text message with a PIN that will work only once. Everytime you log in, you get a new Pin via text message.
Does this also not eliminate the problems with somebody snooping on a Wifi network?
For example, my ING account has a numerical pin number. When logging into the account, the website displays a normal 10-key number pad with random letters for each number that change. You can either click the numbers or enter the corresponding letter. Anybody sniffing your key strokes wouldn't get through with the same set of keystrokes.
Doesn't this kind of security eliminate the possiblity of sniffing through public Wi-Fi?
Other banks have set up ways to send you a text message with a PIN that will work only once. Everytime you log in, you get a new Pin via text message.
Does this also not eliminate the problems with somebody snooping on a Wifi network?
the ATM or teller. I dont do online banking either wired or wireless.
However, I do shop online quite a bit, but I have a card specifically for it with a low limit.
However, I do shop online quite a bit, but I have a card specifically for it with a low limit.
I think other credit cards may do this as well. I use Discover as it has a feature on their website where you can get a one-time use credit card number. It works well and eliminates any risk of reuse due to theft.
I think some others do as well.
There are many ways to purchase 'safer' online and I have a bunch written up (and posted them before).
There are many ways to purchase 'safer' online and I have a bunch written up (and posted them before).
I would appreciate learning about other firms that supply that feature, if you still have that available. Thanks.
more of a 'here are options to be safer' rather than where to get them.
I think TiggerTwo mentioned a few places that had this feature.
I think TiggerTwo mentioned a few places that had this feature.
I wrote a News blog on a related issue some time back and a whole lot of this information was in it. I want to say that the thread was from February or March. Ran to about 150 or so posts as I recall so should still be around somewhere. I will look for it and link here if I can find it.
http://techrepublic.com.com/5208-6230-0.html?forumID=102&threadID=253522
I think that is the link that discussed various ways to keep your credit information safe.
Edit- added link
http://techrepublic.com.com/5208-6230-0.html?forumID=102&threadID=253522
I think that is the link that discussed various ways to keep your credit information safe.
Edit- added link
because I had already revised my suggestions sheet.
But, maybe I am wrong, I couldnt find the thread in the TR search.
That was quick to reply -- did you get my PM?
But, maybe I am wrong, I couldnt find the thread in the TR search.
That was quick to reply -- did you get my PM?
I will check that post out, thank you very much. I also PM you back. Let me know if it worked OK or not as I did not receive your initial PM. Sorry.
I just sent you a response. 
And as promised in the email, this is what I revise and re-send to my ex-users every year (I am out of IT). If you have suggestions to change it, I am always open to hear them.
Online Shopping Protection
A few tips for Online Shopping for the upcoming holiday season. These tips can/should be used year round while shopping online, but are especially critical during the ?shopping season?. Crackers (hackers with malicious intent) are out to steal your money and/or identity, so please BE SAFE and follow these instructions to reduce your risk.
1. Shop ONLY at trusted websites. If you are uncertain about a company/site, you should investigate before entering your credit card or personal information.
2. Obtain a credit card specifically for online shopping. This should have a low limit to it, be a card that needs to be paid into before using, or have several proxy account numbers that only work for 1 transaction.
3. When in the checkout area, before entering any information, be sure to look at the Secure Status in your browser. If a lock icon appears in the status pane (in Internet Explorer), highlight it and make sure that it reads SSL Secured (128 bit). The status pane is outside of the web page, the lowest bar in Internet Explorer (on the bottom). Also the URL should read HTTPS:// instead of HTTP://
4. Always use Antivirus and Anti-spyware. Keep these current. One of the biggest problems with online identity theft is with keystroke loggers. A program that captures your keystrokes (passwords) and sends them to a remote computer.
5. Keep a Firewall on your system, a good free one is Zone Alarm http://www.zonelabs.com/store/content/company/products/znalm/freeDownload.jsp
6. If you feel that you might not be on a safe site, or if you have accidentally navigated to a questionable site, Close Your Browser completely. If it will not close, or if many windows open, Unplug the LAN cable immediately, then select Ctrl ? Alt ? Del, open Task Manager ? go to the Processes tab and end task any and all instances of IEXPLORE.EXE or shutdown your system. Upon reboot Spend the Time to run an Antivirus and an Anti-Spyware scan before restoring your Internet connection.
Use of Usernames and Passwords
If you need to store personal information such as usernames and passwords or other information, keep it in a file on a cd/flash drive, or other EXTERNAL media. Only insert this media when it is needed to be accessed, and remove it as soon as possible after use.
The reason that this may be a better solution than just writing it down and putting it in a safe place, is due to the amount of key-loggers (programs that register your keystrokes and send it to a server) that have been popping up over the last couple of years. Many of these ARE NOT detected from many anti-virus or anti-spyware utilities fast enough to be effective. During the shopping season, new ones are created very rapidly as well.
However, there is good news. They do not register passwords/usernames that are copy/pasted into logon boxes. This can provide a safer way to enter usernames/passwords/and other personal content. Please note, that many websites DO NOT allow pasting by right clicking and selecting the Paste function, however pressing the hotkeys Ctrl + v will normally work.
Hot Spots or Wireless access
Hot spots (generally wireless) are insecure. This is the same for hotel and other public networks. These are generally setup for ease of access/use and not for security.
As an example, there was (a few years ago) an IT Security convention at a hotel, where one of the speakers used a free cracker (hacker with malicious intent) program to prove how insecure these IT professionals actually were. During 1 hour, walking the floor he pulled up 112 username/passwords and over 20 credit card numbers.
Although wireless security has advanced a lot since then, most hot spots DO NOT USE ANY security, or use the minimum available. This puts you and your data at risk. Anyone in the area can ?sniff out? your information across the air and capture it for later use. If a hot spot is needed to be used, then please use a VPN tunnel which will encrypt your data and help to safeguard you. For more about Wireless Home Security, I have created a separate document.
And as promised in the email, this is what I revise and re-send to my ex-users every year (I am out of IT). If you have suggestions to change it, I am always open to hear them.
Online Shopping Protection
A few tips for Online Shopping for the upcoming holiday season. These tips can/should be used year round while shopping online, but are especially critical during the ?shopping season?. Crackers (hackers with malicious intent) are out to steal your money and/or identity, so please BE SAFE and follow these instructions to reduce your risk.
1. Shop ONLY at trusted websites. If you are uncertain about a company/site, you should investigate before entering your credit card or personal information.
2. Obtain a credit card specifically for online shopping. This should have a low limit to it, be a card that needs to be paid into before using, or have several proxy account numbers that only work for 1 transaction.
3. When in the checkout area, before entering any information, be sure to look at the Secure Status in your browser. If a lock icon appears in the status pane (in Internet Explorer), highlight it and make sure that it reads SSL Secured (128 bit). The status pane is outside of the web page, the lowest bar in Internet Explorer (on the bottom). Also the URL should read HTTPS:// instead of HTTP://
4. Always use Antivirus and Anti-spyware. Keep these current. One of the biggest problems with online identity theft is with keystroke loggers. A program that captures your keystrokes (passwords) and sends them to a remote computer.
5. Keep a Firewall on your system, a good free one is Zone Alarm http://www.zonelabs.com/store/content/company/products/znalm/freeDownload.jsp
6. If you feel that you might not be on a safe site, or if you have accidentally navigated to a questionable site, Close Your Browser completely. If it will not close, or if many windows open, Unplug the LAN cable immediately, then select Ctrl ? Alt ? Del, open Task Manager ? go to the Processes tab and end task any and all instances of IEXPLORE.EXE or shutdown your system. Upon reboot Spend the Time to run an Antivirus and an Anti-Spyware scan before restoring your Internet connection.
Use of Usernames and Passwords
If you need to store personal information such as usernames and passwords or other information, keep it in a file on a cd/flash drive, or other EXTERNAL media. Only insert this media when it is needed to be accessed, and remove it as soon as possible after use.
The reason that this may be a better solution than just writing it down and putting it in a safe place, is due to the amount of key-loggers (programs that register your keystrokes and send it to a server) that have been popping up over the last couple of years. Many of these ARE NOT detected from many anti-virus or anti-spyware utilities fast enough to be effective. During the shopping season, new ones are created very rapidly as well.
However, there is good news. They do not register passwords/usernames that are copy/pasted into logon boxes. This can provide a safer way to enter usernames/passwords/and other personal content. Please note, that many websites DO NOT allow pasting by right clicking and selecting the Paste function, however pressing the hotkeys Ctrl + v will normally work.
Hot Spots or Wireless access
Hot spots (generally wireless) are insecure. This is the same for hotel and other public networks. These are generally setup for ease of access/use and not for security.
As an example, there was (a few years ago) an IT Security convention at a hotel, where one of the speakers used a free cracker (hacker with malicious intent) program to prove how insecure these IT professionals actually were. During 1 hour, walking the floor he pulled up 112 username/passwords and over 20 credit card numbers.
Although wireless security has advanced a lot since then, most hot spots DO NOT USE ANY security, or use the minimum available. This puts you and your data at risk. Anyone in the area can ?sniff out? your information across the air and capture it for later use. If a hot spot is needed to be used, then please use a VPN tunnel which will encrypt your data and help to safeguard you. For more about Wireless Home Security, I have created a separate document.
I appreciate the responses. I just found out some interesting things about Paypal that are very encouraging. They allow the use of a SecurID device as well as the option to use a one time credit card number.
The thing I like about Paypal is that your information only resides at one location and not at each eCommerce site.
The thing I like about Paypal is that your information only resides at one location and not at each eCommerce site.
It is suppose to be TLS instead of TSL
Thank you Roger. I am sorry for that error.
It is especially irritating when it happens even after I double check acronyms. I am prone to making those kind of mistakes. Grrrr. Again thank you for pointing it out to me.
It is especially irritating when it happens even after I double check acronyms. I am prone to making those kind of mistakes. Grrrr. Again thank you for pointing it out to me.
- Keyboard Shortcuts:
- Prev
- Next
- Toggle
