The latest RSA Online Fraud Report (FRARPT) from August 2009 displays a significant growth of password fishing (phishing) attacks. Compared to July 2008 phishing attacks increase over 40 percent to 13,212 attacks in July 2009. During standard attacks dropped down fast-flux attacks are en vogue. How to protect your internet banking against phishing, viruses, trojan and spyware?
Most people believe their computers are protected by firewall and anti-virus software. That’s it. But what will happen if you open some ports or download infected files with unknown new viruses? For this reason some people spend a lot of money into the security industry to protect their PC or network. I think security is a multi-part concept. There are some simple options partially for free:
Router with restricted MAC addresses
You can close your network via router. A restricted list including MAC addresses of your network computers only are able to defend your internet connection against external access. Additional an external access via wlan routers should be blocked by encrypted connection.
A separate – may be older – computer used for online banking only works like a service terminal at home. Password protected with firewall and anti-virus software should it be a safe option.
Bot networks love static IP-addresses. If your internet service provider offers dynamic IP-addresses your will minimize the risk of attacks.
Second Operating System Linux
MS Windows for games and Linux for work and online activities? Try Linux as your second operating system. Today it’s easy to use. You can test your hardware by a Live-CD without installation. Your benefits: Linux is open source, it comes for free, it’s safer than MS and it’s not the main target for hackers.
Using anti-virus software is a further step to more online security. It’s standard. Keep it up to date and run system checks periodically.
Periodically updates of your operating system and anti-virus software minimize security gaps.
Using a firewall is standard. One of it should be enough. Keep it active.
Open trustworthy files only. Attachments with extensions like *.exe, *.pif or combinations like *.pdf.exe should be a warning.
Hyperlinks In Emails
Phishing emails offer hyperlinks connected to phishing websites. Such hyperlinks appear like normal internet addresses but includes invisible links to phishing sites. This sites look like banking homepages e.g.. But you have to login with your account data and TAN for verification of something and someone is able to access to your banking account already. For this reason don’t use copy & paste or mouse click. Always type manually your banking URL into the browser bar.
Download, save and open trustworthy files only. E.g. some homepages lead you to believe in checking your operating system for viruses, trojan and spyware. After checking they offer a cleaning software (*.exe). It’s funny if a Linux system will be online verified with display a MS layout. Such pages are a clear case for leave and forget.
To crack a password you need much computer power. The stronger a password the better. Your password should contain a sufficient number of letters, figures and additional characters. Change your password periodically and don’t write it anywhere. Keep it confidential.
Many security gaps exist to attacking computers and networks. Please ask your bank and your internet service provider for a guide to protect your online connection. Did I forget anything? What’s your security concept?