Last Update: 1/23/2020
Online banking and online trading have been gaining market share every year. Security breaches make headlines almost daily. With more and more people going online, consumers are worried more than ever about keeping their online banking and online trading safe and secure. In this article, we will help you bank and trade more securely.
Secure your computer, web browser, Internet connection
Follow our guides to secure your Windows PC or secure your Macintosh by installing the right software, firewall, antivirus software, etc. Secure your mobile devices: iPhone, Android smartphone or tablet, iPad. Configure the settings and add plug-ins to you web browser so that it is more secure. Consult our tutorials for: Internet Explorer 9, Google Chrome, and Mozilla Firefox. Secure your Internet Connection: Wireless Network, Public Wi-Fi.
1. Configure your wireless router for optimal security. Consult our article How to set up a secure wireless router for details. For maximum security, do your online banking and online trading when connected by a hardwired connection such as Ethernet.
Burning Linux Live CD to a write only media such as a CD/DVD or a USB drive with Write protect switch, helps prevent any changes to a virgin Linux distribution. Keep in mind that no bookmarks, password managers, etc would be accessible.
The CD versions do take many minutes to boot up and ask you if you want to try Linux, so the USB route is definitely preferred.
4. Make sure you are accessing the online banking or trading website is using a secure connection, look for https:// in the browser’s address bar and a padlock icon in the browser. A broken key, broken padlock, or any open lock indicates it is not secure. If you want to ensure security, see if the bank or brokerage takes transactions over the phone.
5. When creating an account at the online bank or brokerage, we recommend you use a unique password as it is far safer in case the website gets hacked. You would not want hackers to get a password that worked on other websites. Consult our How to create, store and use secure passwords article for suggestions.
6. Sign up for alerts from your bank or brokerage by email or text message. This will allow you to respond to any fraud rapidly. Also carefully check each month’s statement for erroneous or fraudulent transactions. Consider checking your outstanding transactions every couple of weeks via the company’s website.
7. Two factor authentication is available from many banks and brokerage houses. Bank of America, Citi, Schwab, Fidelity Investments, and several other companies have this available, so check with your representative. This technique forces the use of both a password and a number generated by the hardware security token in your position, both are needed in order to log in. Clearly if criminals got a hold of your password, they would not be able to login.
Two factor authentication systems using SMS text messages are not secure, due to hijacking of mobile phone accounts and the weak SS7 routing system. Even Reddit got hacked this way. We suggest only using two factor when you can use a physical token or a time based authenticator like Google’s. Send text messages to a VoIP number such as Google Voice instead. Do not allow Google Voice to forwards Texts/Calls to your main number.
- A new paper in 2020 from Princeton researchers shows how easy it is to pull off a SIM Swap against AT&T, Verizon, T-Mobile and others.
8. To avoid falling victim to e-mail phishing, never click a link or open an attachment from an e-mail. This is especially true for online banks and online brokerages. Manually type the URL into your browser.
Opening Attachments Safely with Gmail
Forward the email with attachment to a Gmail account. From there, you can use Google Docs to open Word Processing, Spreadsheets, etc. No need to endanger your own computer.
9.Internet Explorer Virtual Machine – Designed for web developers to test compatibility with different versions of Internet Explorer, these Virtual Machines for Microsoft’s Virtual PC allow you to run a Virtual computer on your desktop with Internet Explorer pre-installed. If you mess up the Virtual computer, you can just delete it and start fresh from a new image. You can perform your online banking and trading within the virtual machine to increase security.
10. When banking or trading on a smartphone or tablet, using the built in 3G/4G connection is a lot safer than connecting via a local wireless internet hotspot. This warning applies to both apps and mobile internet browsers.
11. Explicitly logout after you are finished. Do not just close the browser. This helps terminate your session officially.
Things Not To Do
1. Do not bank or trade when using public wifi hot spots or when using a shared computer in a cyber cafe. Many of these locations provide little to no security and are prone to snooping or malware. This warning also includes smartphones and tablets connected to public wireless internet.
Do these safeguards make sense?