The more people that use credit cards, the bigger the number of criminals is that hunt their login credentials. Online fraud is a rather easy type of crime as a criminal doesn’t need to be physically fit, have highly adept social skills or even great programming experience. Lying on a sofa and releasing phishing sites and Trojan apps, cybercriminals wait while people bring their money to them.
However, if everybody knows and follows cybersecurity rules, cybercrime would become unprofitable and Internet-criminals might change their specialty and become lawful programmers, system administrators and designers.
Yes, it sounds like a Utopia, but at least we have to try. Let’s make the first step and learn, how to use online financial services securely.
1. The easiest way to come at user’s password is not to steal it with malware but to deceive a user into turning it over. This approach is called phishing, and unfortunately, it’s been widely used ever since Internet became available to the masses.
That’s why you should not tell anybody your PIN and CVV2 code, as well as login credentials for your Internet bank. Even to your best friend or a bank employee. Don’t believe any emails from the bank, which ask you to enter this information — they are false.
What is phishing and why should you care? Find out https://t.co/eNlAvarhAy #iteducation #itsec pic.twitter.com/EJc6vW8YUX
— Kaspersky Lab (@kaspersky) December 11, 2015
2. Before logging in and entering your banking credentials, make sure that you are not using a fake website with unprotected connection. The URL of a fake site can be misspelled or include an additional symbol, like bankoffamerica.com instead of bankofamerica.com.
How #cybersavvy are you? Find out in our quiz: https://t.co/DgDPNu9P47 pic.twitter.com/4DhyKTxSKQ
— Kaspersky Lab (@kaspersky) September 29, 2015
You can distinguish protected (or encrypted) connection by two signs: lock symbol, given before the address bar, and https:// (with “s” letter, not simple http) prefix in the beginning of website’s URL.
3. Always logout of all financial services before you close a browser tab or click the Back button. If you can, never conduct any financial transactions via public Wi-Fi in cafes, hotels or restaurants.
8 security rules for public Wi-Fi users – https://t.co/MWPhQjUUZl #security #besafe #ittips pic.twitter.com/lMdRQTLdSo
— Kaspersky Lab (@kaspersky) December 7, 2015
4. To improve security you should use separate cards: one with low balance — to pay on the Internet and another — to keep your savings. Both plastic and virtual cards will do to make online transactions, but virtual ones are usually cheaper. You can also use PayPal or any other financial service, but make sure that it is reliable.
5. You should use strong and unique passwords and two-factor authentication method to protect your financial accounts. In fact, it’s not hard to remember several reliable combinations. But if you are sick and tired of passwords, give a try to a good password manager.
How strong is your #password? Check it here: http://t.co/9ILaxq503k https://t.co/P9Pm0SGc4n #internet #security #infosec
— Kaspersky Lab (@kaspersky) August 21, 2015
6. Unfortunately, there are no universal solutions, and even an SMS with a secret code is not an exception. There are some mean Trojans that disguise themselves as useful mobile apps and intercept messages from banks. Nobody is protected against them, even those users who download apps from App Store and Play Store only. That’s why it is so important to install reliable security solutions to smartphones and tablets, just as to laptops and PCs.
7. Have you ever heard of key loggers? They are similar to malware described in the previous paragraph, but key loggers infect Windows and Mac, not mobile OS. It’s hard to track a key logger, as most of the time such Trojans act wisely and stealthily record every keystroke made on the device.
What is a keylogger? Read this blog by @DennisF to learn more and understand how to protect your device http://t.co/m5ddthoK1V
— Kaspersky Lab (@kaspersky) April 5, 2013
You can protect yourself from key loggers with the help of the on-screen keyboard. Here Microsoft explains how to turn it on for Windows. To activate the onscreen keyboard in OS X, you need to go to the System Preferences —> International icon —> Input Menu —> Keyboard Viewer and check the Show input menu in menu bar option. After that you’ll be able to turn the keyboard on using the ‘International’ (flag) icon near the upper right corner of the menu bar.8. Trojans are different: some of them spy after your keystrokes; others have learned to make screenshots. Thereby fans of the ‘Show Password’ option are at risk. The best way to protect yourself from this whole zoo of threats is to use a good security solution.
For example, Kaspersky Internet Security and Kaspersky Total Security have built-in components, called Safe Money and Protected Browser. They enable protection against unapproved screenshots and data interception, and check whether you are going to use a phishing site.
#Lifehack: Treat your passwords as delicately as you treat your underwear https://t.co/D7dUnLC8z3 pic.twitter.com/OsMU987fwy
— Kaspersky Lab (@kaspersky) November 26, 2015
Remember these eight tips, follow them while making online transactions — and it will be harder for cybercriminals to steal your money. As a rule, fraudsters are rather lazy so it would be easier for them to forget about you and go looking for another victim.