Most of us who bank or do other sensitive financial transactions online rarely give security a second thought.
But all too frequently, online credentials are stolen — giving cyber thieves full access to financial accounts. Here’s how to defend yourself.
Is Windows unusable for online Banking?
I’m a fan of security blogger and former Washington Post tech journalist Brian Krebs. He has an ongoing investigation into the ways and means that attackers steal banking credentials and use them to illegally transfer funds from online accounts. The thefts are especially costly for businesses because the U.S. Federal Deposit Insurance Corporation doesn’t insure business banking accounts against online losses. If your business account takes a hit, you’re typically without recourse.
In one post, Brian made a rather provocative claim:
“I said this nearly three years ago, and it remains true: … Don’t use Microsoft Windows when accessing your bank account online.”
He goes on to recommend you create a Linux-based boot CD and do your online backing through a Linux browser. (So far, malware on Linux systems is extremely rare.)
I’ll admit that I occasionally download something or connect to questionable sites using a virtual Ubuntu machine (where the item is sandboxed until I deem it safe). But I’m not ready to stand with Brian and categorically state that Windows cannot be made secure enough for online banking. And even if I could, some of the financial institutions I use prefer a Windows-based system.