These are quick first looks and trend and threats


Read More >>
Written by the security and AV professionals from team K7, meant for the general audience
Read More >>
These are usually articles that go into internals of a virus or deal with security issues
Read More >>
Senior managers speak on areas of interest to them, inside and outside the industry
Read More >>

Archive for the ‘Banking Malware’ Category

Don’t Lose Interest Over Banking Security

Friday, October 16th, 2015

The evolution of Internet technology has brought about a paradigm shift in the way we bank. As responsible netizens, it is of utmost importance that we understand the implications of these changes and develop basic security etiquette. This blog aims to provide a few security tips that will educate readers about how to bank safely online.

For years the mere utterance of the word banking would invoke feelings of anxiety amongst most people.  The thought of having to stand in endless queues waiting for your turn, filling in numerous forms only to be informed by the teller that you’ve left out some esoteric detail and that you’d have to go all the way back to the start of the line, would be enough to send chills down your spine.

The last decade however has witnessed a revolution where you can conduct transactions, transfer funds to friends and family, all at just the click of a button. The progression of technology and the convenience factor have been the catalysts in driving out traditional ways of banking, ushering in its online avatar.

To access an online banking facility, you would register with the institution and set up your credentials. This is a combination of user name and some password, using which you could use some of the common facilities offered by online banks. The facilities include viewing account balances, transferring money, downloading financial statements, etc.

While this new technology may have eliminated the red tape & inefficiency, the story is not all rosy. The advent of online banking has brought with it its own set of problems – a security problem on a global scale with massive financial consequences; billion-dollars-worth consequences, to be more precise.

Exploiting a lack of user awareness to their advantage, cyber criminals have managed to swindle billions of dollars of money, transcending both physical and virtual borders. Using techniques such as Phishing and Vishing, the fraudsters lure potential victims into disclosing their online banking credentials and other personally identifiable information. Once the bait has been taken, the innocent victims enter the deep web of the Internet – a world full of poisoned DNS servers, infected hosts and web sites laden with exploits masquerading as your regular banking site, aimed at just one thing – stealing your money.

All is not lost though, for here are some of the steps that you should follow to ensure the safety of your hard-earned money:

  1. Enable multi-factor authentication. Most banks send a randomly generated PIN to your registered mobile, which will have to be keyed in along with your regular credentials to gain access to your online bank account. This may now be mandatory
  2. Create a strong password. Avoid using any common words or phrases and never create a password that contains your name, initials, or your date-of-birth. Also, remember to change these passwords at regular intervals
  3. Secure your mobile device/computer and keep it up-to-date. Make sure you have a firewall turned on and are running a top-rated, Anti-Virus software solution such as K7 Anti-Virus. This will ensure you are protected from Trojans, keyloggers and other forms of malware that could be used to gain access to your financial data. You could also conduct online banking transactions in a dedicated, secure browser such as K7 Secure Web which will protect transactions even if the computer were infected with common malware
  4. Up-to-date browsers replete with patches for any 3rd party plugins
  5. Avoid clicking through suspicious emails. Beware of unsolicited emails that purport to be from your bank. Treat such emails with suspicion as it may well be a phishing attempt to trick you into handing your credentials over. Banks will never ask you for confidential information via email or by calling you up
  6. Access your accounts from secure locations. It’s always best practice to connect to your bank using computers and networks you know and trust. Look for a small padlock icon on the address bar – the web address of the site you are on should begin with ‘https’
  7. Always logout when you have completed your banking work. It is good practice to always log out of your online banking session when you have finished your business. This will lessen the chances of falling prey to session hijacking and cross-site scripting exploits
  8. Set up instant account notifications. Banks offer a facility for customers to set up text or email notifications to alert them to certain sensitive activities on their account. Such alerts could give quick notice of suspicious activity on your account

With more people registering to conduct online banking transactions every day, it is only fair to say that this problem of virtual robbery could only get worse. As responsible online banking users, we must ensure that we follow the above-mentioned basic security precautions to keep ourselves and our money safe online.

Lokesh Kumar,
K7 TCL Systems Manager

If you wish to subscribe to our blog, please add the URL provided below to your blog reader:
http://blog.k7computing.com/feed