internet banking
- gagamboy
- Visitor
-
15 years 4 months ago #28678
by S0lo
Studying CCNP...
Ammar Muqaddas
Forum Moderator
www.firewall.cx
Replied by S0lo on topic Re: internet banking
For a personal experience, I've been using internet banking for a long time. Practices including monitoring, moving amounts and buying using credit cards (Done that dozens of times). Never, I have noticed a single flaw or problem. Never had to discontinue a credit card. However, one incident is that (after many years of usage) the credit card company canceled my card for no announced reason 
. I had to renew and get a new card.
From a technical point a view, here is what comes into mind:
1. Never sign in to your banking account using a public/cafe computer unless you make sure passwords are not saved. That you log out. And cookies expired/deleted after session (usually closing the browser should do it)
2. Always buy from legitimate/prestigious/secure selling sites only.
3. Access your online banking Web site by typing the URL into the address bar or by clicking your personal confirmed bookmark, rather than clicking links you might see in an email or an instant message. Such links could lead to phishing sites that can be malicious.
4. Always check for the browser "lock" icon, but understand that this only means a secure SSL communication channel, not necessarily a legitimate web site. Clicking on the lock will typically show you the Website SSL Certificate, if the website/company/bank is really who it is claiming to be, the Certificate will show that and it will show you which authority is confirming this verification. Such as Verisign.
5. Use a strong password, at least eight characters, with a combination of numbers, letters, and punctuation symbols. Don't use the same password for banking that you use for other online accounts. Change your password periodically.
I have to say that with the recent flaws in MD5 hashing algorithm:
www.firewall.cx/modules.php?name=News&am...;order=0&thold=0 www.doxpara.com/md5_someday.pdf
One might start to worry since typical SSL/Certificates use MD5. Still, it's not straight forward to exploit the flaw since it requires a huge amount of cpu power first, then it will require a phishing site or doing a man-in-the-middle attack. Thats as far as I understand it from what security researchers say.
. I had to renew and get a new card.From a technical point a view, here is what comes into mind:
1. Never sign in to your banking account using a public/cafe computer unless you make sure passwords are not saved. That you log out. And cookies expired/deleted after session (usually closing the browser should do it)
2. Always buy from legitimate/prestigious/secure selling sites only.
3. Access your online banking Web site by typing the URL into the address bar or by clicking your personal confirmed bookmark, rather than clicking links you might see in an email or an instant message. Such links could lead to phishing sites that can be malicious.
4. Always check for the browser "lock" icon, but understand that this only means a secure SSL communication channel, not necessarily a legitimate web site. Clicking on the lock will typically show you the Website SSL Certificate, if the website/company/bank is really who it is claiming to be, the Certificate will show that and it will show you which authority is confirming this verification. Such as Verisign.
5. Use a strong password, at least eight characters, with a combination of numbers, letters, and punctuation symbols. Don't use the same password for banking that you use for other online accounts. Change your password periodically.
I have to say that with the recent flaws in MD5 hashing algorithm:
www.firewall.cx/modules.php?name=News&am...;order=0&thold=0 www.doxpara.com/md5_someday.pdf
One might start to worry since typical SSL/Certificates use MD5. Still, it's not straight forward to exploit the flaw since it requires a huge amount of cpu power first, then it will require a phishing site or doing a man-in-the-middle attack. Thats as far as I understand it from what security researchers say.
Studying CCNP...
Ammar Muqaddas
Forum Moderator
www.firewall.cx
Time to create page: 0.152 seconds