Thursday, May 10, 2007

Does it really matter how well a bank protects their site?

Dark Reading had a story that caught my eye (courtesy of Bank Systems & Technology) stating that a 150 million people in the United States are scared of online banking.

For fear of becoming the next victim of identity theft, 150 million U.S. consumers don't bank online, according to experts. But the banking industry could improve profitability by as much as $8.3 billion per year if banks build consumers' confidence in online security, according to the TriCipher Consumer Online Banking Study, conducted by Javelin Strategy & Research (Pleasanton, Calif.) for TriCipher, a Los Gatos, Calif.-based authentication solutions provider.

One thing to consider is that in most instances, where an individuals banking or personal information is compromised -- it is because they downloaded malware (crimeware), or they gave it up by more social means -- often referred to as phishing.

A bank site might be well protected, but if your computer system is NOT, it's probably still at risk. There are also a lot of spoofed fake bank sites out there that look pretty convincing to the untrained eye.

If you are unfortunate to pick up a keylogger -- everything you "key" is logged and sent back to the person -- who dropped it on your system. If the crook gets your user name and password, no amount of security on the bank's site is going to stop you from being victimized.

Most keyloggers are dropped on a system, when the user clicks on a link they shouldn't have in a spam e-mail.

Perhaps, the key is to make sure your system is well protected, and learn to protect your information, personally.

I use online banking myself, but I'm not going to rely on the bank to protect me.

The best defense against identity theft is using common sense, which in the case of computer systems, should include current protection from a reliable computer security vendor. Of course, being aware of the more social ways information is stolen is highly recommended, also!

My own bank tries to sell me online banking as a means of preventing identity theft. They remind me (every time I log on) that it's a way to prevent my personal information (sent in snail mail marketing offers) from being stolen.

On a personal note, I remind myself, I'm saving a tree or two. It also reduces the amount of documents, I have to shred. Thinking of it that way, gives me more peace of mind.

The last time I asked a Postal Inspector, mail theft hasn't stopped, and still is a way identity thieves steal a LOT of information.

You can opt out from receiving this snail mail (highly recommended), here. If you do, the credit bureaus will stop marketing your personal information, and it will be less available to steal.

As long as corporations are making a lot of money by keeping the commodity (our information) easy to use, criminals are going to find ways to steal it. After all, it's become highly profitable for them, also.

Dark Reading article (courtesy of Bank Systems and Technology), here.

No comments: