Keep Criminals Out of Your Pockets

Is your bank account an easy target for cybercriminals? Learn how to make it more like Fort Knox.
August 2012
by Robin Wark

Cybercriminals really want to access your bank account - and they are getting more and more inventive.

Recent news reports describe the Shylock malware putting criminal-controlled phone numbers on the contact pages of online banking sites. So, if users have a question - or think something is suspicious - they will not get the help they need. It is likely this tactic is an attempt to get users to reveal sensitive login information or block them from notifying their bank about an account problem.

Shylock is named after a character in Shakespeare's The Merchant of Venice because excerpts of the play appeared in its file description. There are different variants of this malware. In early 2012, one variant was informing users their computer could not be identified and that they needed to speak to a bank representative. Then it would pop up a web chat window that connected the user with the attackers.

Sneaky software like Shylock is just one way cybercriminals try to prey on online banking users. You might receive an email that appears to be from your bank asking you to click on a link to provide information. Or maybe they try to swipe credentials and passwords from your web browser.

To combat these criminals, we suggest trying the techniques below:

  • Do not use links in emails to go to your bank's website. Type in the address yourself and double or even triple-check to make sure it is right. As well, remember that banks, credit unions and other financial institutions will never ask you to email confidential information to them.
  • Make sure you are only entering confidential information on secure pages. Look for the yellow padlock icon near the bottom of your web browser and "https" instead of the usual "http" in the URL.
  • Don't have your browser save passwords. Type it in yourself each time.
  • Use different passwords for your accounts. You should consider changing your passwords every six months or sooner.
  • Have a trusted anti-malware program like ParetoLogic Anti-Virus PLUS, installed. With its frequent updates, it will scan and remove the latest keyloggers, spyware and other malware threats. In addition, it features Real-Time Blocking to help stop malicious code from being downloaded onto your machine.
  • Make it a habit to empty your cache and delete your browser history after online banking. You might also consider using software like ParetoLogic Privacy Controls to regularly obliterate confidential info from your machine.
  • Always install the security updates offered for Windows and third-party software. These can contain patches to close potential vulnerabilities.
  • Keep a close eye on your account. That way you will be aware of any unauthorized withdrawals and can act quickly to protect your account.
  • If using your iPhone, iPad, Android, smartphone or tablet to bank, consider:
    • Using public Internet sparingly for online banking.
    • Taking advantage of a specific app for your bank instead of using a web portal. Apps generally have higher security measures and are safer.
    • Password protecting your phone or tablet.
    • Installing an app to remotely wipe the information from your device. That way if your phone is stolen, you can delete the information from it.

Online banking is very convenient. However, with that convenience can come a false sense of security. If you take precautions, you can help safeguard your account.

Microsoft is a registered trademark of Microsoft Corporation in the United States and/or other countries.