Internet has revolutionized the way online users can shop and avail banking services like internet Banking from anywhere, anytime without visiting bank. But, how safe is your money with online net-banking which allows to carry out money transfer? Companies and in some case individuals lost anywhere from $10,000 to $500,000 dollars because of a single malware infection. The cyber crooks are targeting innocent MS-Windows user. If you are concerned about how best to protect yourself from this type of fraud, use Linux LiveCD for online banking and avoid Microsoft Windows at all cost.
According to this blog (found via Slashdot) post:
While there are multiple layers that of protection that businesses and banks could put in place, the cheapest and most foolproof solution is to use a read-only, bootable operating system, such as Knoppix, or Ubuntu. Malware that is built to steal data from Windows-based systems won't load or work when the user is booting from LiveCD
Few More Security Tips
Bank and credit card issuer don't care about your money. You need to worry about your own money. Here are a few more tips:
- Do not do online banking, period. Go and see your banker personally ;)
- Another option is to have a two or three bank accounts. Only use one for netbanking and disable the netbanking for other account.
- Use dedicated Laptop or desktop.
- Use a Linux LiveCD.
- Use licensed Windows software on your computer and avoid pirated version.
- Always use latest version of browsers to connect to the Internet
- Disable autologin and do not allow unauthorized access to you computer.
- Use strong passwords for user account and netbanking.
- Apply latest security patches and turn on autoupdate.
- All Windows user should use anti-virus, anti spyware and personal firewall.
- Turn on your Wifi router firewall.
- Always use WPA / WPA2 with TKIP or AES encrypting with a strong paraphrase (wifi router).
- Change paraphrase every month and disable UPnP (wifi router).
- Use VPN if possible.
- Do not click on any links while browsing the Internet. Use Firefox with NoScript addon. Unwanted link can trick your computer and it can download malicious software or key-logger on to your computer.
- Only download Free software from trustworthy source. Many freeware software, games and screen-savers may have Trojans installed that would transfer password and other sensitive information to crooks.
- Never ever click on the links in emails asking for confidential information. No bank or government department (such as Income tax department) asks your confidential information as they already have all your information.
- Never ever open attachments received from unknown sender or email that claims to show you nude pictures of famous females. They may contain virus infected files most of the times.
- Protect your email-id against spam and viruses. You can use server side spam filtering software such as Spamassassin, Clam Anti-Virus, Maia-Mailguard, and FuzzyOCR.
- Make sure the Web page you are viewing offers encryption of your data while shopping or doing online transactions.
- When not in use, disconnect the Internet and system from the router to avoid unwanted access.
- Activate a screen saver with password protection to protect your terminal session.
- Use two factor authentication. Many banks offer add-on service for the authentication. For example, ICICI bank sends you a one time password for all online banking transactions via SMS. You need to enter the same to complete the transaction. Other banks offer RSA crypto-key chains which change your regular password into a one password+8character unique random number. All our VPN networks and ssh servers logins are also protected using RSA crypto-keys.
How do you protect yourself from this type of frauds?