This is a long article, but well worth the read.  Some of it has been chopped   
   off by me using "[...]" to shorten her comments.   
       
   12 steps to safer online banking   
       
   Posted July 8, 2016 by Wendy Zamora   
       
   Gone are the days of balancing check books. The advent of online banking has   
   made budget-keeping and bill-paying a convenient, if not automatic,   
   transaction for adults managing their finances.   
       
   Which is why it's a prime target for cybercriminals.   
       
   According to a recent study by Fiserv, 80 percent of U.S. households now do   
   their banking online. The sheer number of customers is a likely attraction for   
   threat actors. But what makes online bankers irresistible prey is that a   
   breach results in direct access to their money-no need to bother with a   
   ransom. That's probably why more than 25 percent of malicious activity online   
   is aimed at financial institutions.   
       
   "Mobile banking has a tighter ecosystem than desktop online banking and some   
   technical advantages that improve security," says Seth Goldstein, a Certified   
   Information Systems Security Professional (CISSP) with nearly 20 years of   
   experience in banking IT. However, mobile banking isn't foolproof. In 2016 (so   
   far), Malwarebytes' Mobile Intelligence Database has flagged more than 12,000   
   unique Android application packages (APKs) as banker Trojans.   
       
   How cybercrooks steal your cash   
       
   From social engineering scams to spear , there's no method crooks won't try to   
   get to your money. The most common techniques center on fooling you into a   
   sense of security by pretending to be your bank. Whether that's in the form of   
   a spear phishing email that copies the logos of your financial institution or   
   spoofing your mobile banking app, criminals have become adept at pulling wool   
   over the eyes of online bankers, who are now accustomed to receiving digital   
   communication from their banks. Smishing, or sending malicious text messages,   
   has been a popular attack method for years, luring customers into entering   
   their login credentials via text.   
       
   In 2014, several thousand JP Morgan mobile customers received a text message   
   containing a link to this phony login screen.   
       
   In 2014, several thousand JP Morgan mobile customers received a text message   
   containing a link to this phony login screen.   
       
   With so many susceptibilities in both desktop and mobile online banking, it's   
   important to not only choose a bank that offers high level protection for your   
   accounts, but also take your own initiative to keep those accounts secure.   
   That's why we've come up with 12 steps for safer online banking.   
       
   How banks protect your accounts   
       
   The first part of our 12-step program centers on the protections that banks   
   have to offer for their customers. In choosing a financial institution with   
   which to conduct your online banking, look for these top-level security   
   measures. After all, banks have just as much to lose if you get breached.   
       
   1.  Two-factor authentication: These days, a strong password is not enough.   
   The safest banks offer multiple-step login processes that require both   
   something you know (a password and/or security questions) and something you   
   have (your phone, which will receive a text message of a second code you'll   
   need to enter to gain access).   
       
   2.  SSL secured websites: On any website where a financial transaction takes   
   place, secure communication is key. Look for the padlock icon to the left of   
   the URL. If it's there, that means the information passed between your bank's   
   server and your browser remains private. In addition, the URL should read   
   "https" and not just "http."   
       
   3.  Automatic timeout sessions: Banks that close out your session after a few   
   minutes of inactivity protect you from prying eyes and human error. Better to   
   have to log back in than to have someone swipe your account numbers while   
   you're on a bathroom break.   
       
   4.  Fraud monitoring: Any bank worth trusting with your money should have   
   continuous, real-time monitoring for fraudulent activity such as large   
   withdrawals or purchases made in new locations.   
       
   5.  Mobile password protection (fingerprint scanning): A twist on two-factor   
   authentication right out of a spy movie, many mobile banking apps offer   
   fingerprint scanning as an additional method of verification. The safest   
   banking apps also require that phones be password protected if fingerprint   
   scanning is to be used.   
       
   How you can protect your accounts   
       
   The second part of our 12-step program is all about user education and action.   
   Once you've found a bank that can pull out all the online security stops, it's   
   your turn to step up the game. "The SANs Digital Forensics and Incident   
   Response group published a poster a couple of years ago with the catchphrase,   
   `Know Normal.Find Evil.' This should be the mantra for online and mobile   
   banking users," says Goldstein. Take these precautionary measures to   
   understand what's normal communication from your bank, what's suspicious, and   
   what you can do to ward off malware attacks.   
       
   6.  Beware phishing emails and texts. Keep a sharp eye on email and text   
   communications from you bank. Unless absolutely certain of the email or text's   
   origins, avoid clicking through links, especially if they ask for login or   
   other personal identification information.   
       
   7.  Report suspicious activity right away. "One of the most important benefits   
   of Internet and mobile banking is the convenience for users to check balances   
   frequently," says Goldstein. He recommends customers follow their account   
   activity in order to quickly identify and report abuse. "It's much easier for   
   banks to research and take action on recent transactions, and it gives you the   
   best leverage to recover any losses."   
       
   8.  Make sure you download the official app of your bank. Whether downloading   
   from Google Play or the App Store, be sure to check reviews, read summaries   
   carefully, and double and triple check who and where the app comes from.   
       
   9.  If possible, don't use a public computer and/or public wifi for banking.   
   If you don't have Internet access at home, make sure you sign out of your   
   account before closing the browser. And if you're sitting at a caf‚ working on   
   your blog, that's not the best time to catch up on your bill-paying. Public   
   wifi is much easier to breach than your own password-protected home connection.   
       
   10.  Buy a computer just for bills. For those willing and able, purchasing a   
   laptop dedicated only to financial transactions helps limit the potential for   
   infection and breach. That means online banking and bill paying only. No   
   checking email. No surfing the web. No social media. Start up, check accounts,   
   and shut down.   
       
   11.  Customize online banking transactions. Take a look at the admin controls   
   of your online banking accounts. Some banks let you limit online transaction   
   capabilities, like international wire transfer. The less you do online   
   (without completely hindering the convenience of online banking), the safer   
   your money is.   
       
   12.  Layer your security. The more the merrier. Firewall and antivirus can   
   stop known threats, while anti-malware and anti-exploit cover advanced threats   
   like malvertising and ransomware. And to protect against those malicious   
   mobile banking apps, consider an anti-malware program for your phone.   
       
   For the safest online banking experience, it's best if you live by two credos.   
   One is to know thyself. By keeping an eye on your online accounts and credit   
   score, you can stay on top of abuse. The second is to know thy adversary.   
   "Your bank doesn't ask you to confirm account details via email or call you   
   for personal information," says Goldstein. "There is no urgent matter that   
   requires verifying your responses to `secret' questions or sharing the CVV   
   code on the back of the card to prove your identity." Simply put: if you are   
   asked to share account details in any way-don't. And if you want to pay it   
   forward, notify your bank's call center when you receive these suspicious   
   communications. You just might help to protect the next online banker, too.   
       
   May 9, 2012 - At Malwarebytes we are a bit obsessed with protecting our users,   
   which causes us to approach our jobs from all sorts of different angles. One   
   of my favorite aspects of this is how we tackle malware right at its source:   
   the servers that deliver it. Our team works around the clock to identify and   
   block [...]   
       
   Telephony Scams: Can You Help?   
       
   May 24, 2012 - Back in 2009, I wrote about a telephony based scam that had   
   gained momentum, and which sadly appears to have grown since then - invading   
   other countries and scamming more victims. Since then, various other people,   
   including my friends at Microsoft, have been investigating the companies   
   involved, to try and both raise awareness [...]   
       
   Phishing 101: Part 1   
       
   June 29, 2012 - This week, there is a lot of media hype over emails being sent   
   to users of the Royal Bank of Scotland and NatWest because of severe IT issues   
   making it impossible for users to access their accounts online. The emails   
   offer users the ability to log-in to their accounts and provide a link to the   
   [...]   
       
   Phishing 101: Part 2   
       
   July 3, 2012 - "Over the years, phishing attacks have changed, as with most   
   things, and have been segmented into different groups of variants." -Me If   
   there is one thing you can say about cybercriminals, it's that they are   
   adaptive. As I mentioned last week, phishing attacks have evolved from just   
   fake web pages and official looking emails to [...]   
       
   July 13, 2012 - Over the last few weeks I have described numerous methods of   
   phishing attacks and a few examples what they do or may look like.  In this   
   final installment, I will shed some light on how phishing attacks are done and   
   a few real world examples of techniques used by Phishing scammers. Finally, I   
   will discuss [...]   
       
   ABOUT THE AUTHOR   
       
   Wendy Zamora   
   Content Writer   
       
   Masters in Journalism from Stanford, but don't let that fool you. Expert in   
   writing down what other people say and typing it up.   
       
       
   Regards,   
       
   Roger   
      
   --- DB 3.99 + Windows 10   
    * Origin: NCS BBS - Houma, LoUiSiAna (1:3828/7)