Today having an online bank account has become common to many people and already in another article we tried to see which are the best online checking accounts in Italy. Unfortunately, we must also add that online accounts on the internet are subject to the risk of hacker infiltration and it is testified by the fact that, every day, on our e-mail box, we receive numerous deceptive emails asking for the password of one's account. online bank.
This is why it is important for every user who uses an online bank account to know and know how to keep their account secure and how to stop intrusion threats.
First of all it is important to know that most of the activities of a hacker do not derive from technical skills out of the ordinary, they are strong thanks to the ignorance of the people and their ingenuity in the use of a PC connected to the internet.
In the meantime, it is not by closing yourself at home that you avoid being robbed; honestly, it makes me smile when I hear people who are afraid of using credit cards on the internet or who do not trust online banks.
The goal is to be free to be able to use your online bank account as you want and, at the same time, to have full security that there is no risk of being robbed.
I can assure you that to meet this goal, there is no need to become a computer expert or to take special courses of any kind, just a good dose of foresight, prudence and attention .
Taking a cue from the general article on how viruses are received that infect computers via email, let's see which are the most common criminal methods that tend to want to enter people's bank accounts:
1) In the most frequent cases hackers (we use this word to find an understandable term even if "hacker" does not mean cybercriminal) do nothing but create a web page identical to that which has an online bank famous as Banco Posta, Banca Intesa -San Paolo, Fineco, UBI Banca, CartaSI, Poste Pay Barclay's and so on.
Then they send email messages to random recipients, using the email addresses that are found on the internet, taking advantage of the statistics that one in 10 will probably be a customer of, for example, Banco Posta, and that, at least a couple of those who receive the email, will drop in the trap.
In the mail, an excuse will be written for which the account holder will have to enter the password of his account.
The excuse can be a security problem, the victory for the extraction of a prize, a loyalty bonus, an operation to be confirmed and so on.
2) An email with images or attachments always coming from fake email addresses that lead to a bank.
3) Worst of cases, an email from a known address, a friend's email, which contains an attachment with an unknown format.
In cases 2 and 3 the infiltration operation is much stronger because, behind an image or an attachment, a software called KeyLogger can be hidden.
The keylogger software is installed on the PC and tries to capture every typed letter on the keyboard, stores everything that is written on the infected pc and sends the data to a remote computer connected to the Internet, where the hacker can analyze, all the words typed and trace your bank passwords.
It doesn't end there, even if you don't go to the bank's site, the keylogger can capture the password of an email address, go to the online bank account site, request a password reset, and then log in to your email in order to recover the new password to the account without the unfortunate user noticing anything.
These techniques are typical of Phishing and, although most online bank accounts do not send passwords via email, other monetary services on the internet do so and the most popular examples are Ebay and, above all Paypal, today very used for online payments.
When an email from your bank arrives, at the right email address, the one actually used by the user to communicate with the bank, it should already sound very strange, because a bank will never ask for a password via email.
However, if you are curious to know if an email has actually been sent by your bank, you can start looking at the sender's email address, which is very often crippled.
For example, if on the "From" field it says " " but then the email address is, something is wrong ...
However, you can continue to analyze the email if you don't notice any oddities about the address and see what links there are inside; typical example:
Dear Customer,On the words " Access online services " there will be a visible link because it is underlined in blue and clickable with the mouse.
Please take this e-mail showing the new security measures seriously and immediately.
Our bank's security department notifies you that
steps have been taken to increase the level of
online banking security, in relation to frequent
attempts to illegally access bank accounts.
To get access to the most secure version
in the customer area, please give your
authorization.
Access online services »
If you hover your mouse over the link (without clicking on it!), You can see the actual link at the bottom of the page.
Never ever click links inside an email that refers to bank accounts or services, such as Paypal, which concern money.
If you want to check your account, it is always better to open a new browser window, go directly to the site and log-in making sure that the web page of the site starts with https and not with http.
With Firefox, you can force browsing on banking sites in https, with a plugin.
Extraordinary cases of rather powerful viruses and on unsecured computers can lead to the installation of software that searches for computer passwords; the only password of the main mail can be used in disastrous ways.
The basic safety rule is therefore to create your own email address used only and only for registration in the banking service and not for other uses or to receive other types of communications.
The password of this email must be strong and secure and must contain at least one number and one capital letter; the most scrupulous, can also add a symbol.
In another article we saw how to test the security of a password.
For those who are used to traveling and consulting their bank details on work colleagues' computers, on company PCs or from an internet point, they must use a protected USB stick (read here to protect a pen drive).
1) On the USB stick you need to bring a "portable" internet browser, that is, it does not install on the computer and that stores the session data on your USB stick without leaving traces on the used computer.
Thus cookies, history, passwords entered and stored, are all saved in their own protected key.
Examples of portable internet browsers are: Firefox and Opera
2) Use an anti keylogger that prevents viruses from recording what is written and typed on the keyboard.
An anti keylogger can also be a nice numeric keypad that appears on the screen as in the figure.
I hope I have not scared anyone, as seen, the important thing is to be careful of phishing emails, then all banks and online credit card or Paypal services, are very attentive to the safety of their customers and develop very web pages protected. However, for greater data security it is important to have, an excellent firewall, an updated antivirus, an anti spyware, a portable browser and, as extreme security, an on-screen keypad.
With all these tools, the only way for a hacker to get a computer's passwords and data or to get in and break through the reinforced concrete wall put up in front of his computer is an atomic bomb!
