Online Shopping Banking Security

Since the broadcasting of the requirements needed for all website owners to ensure that they have applied the new EU cookie policy directive, the law which applies to how you use cookies and similar technologies for storing information on a user’s equipment such as their computer or mobile device changed on 26 May 2011.
I decided to input my experience into this article to help clarify how this and internet security affects us whilst conducting transactions to business online.
I have previously in the past like so many others out there have been a victim subjected to fraudulent act of being “cloned”!

I have since taken it upon myself to be more vigilant and more responsible about my personal details when online shopping!

By adding all the resources that are available at hand, I have reduced significantly the risk of security breach of my personal details when using the internet to conduct my online banking, online shopping or any other banking transactions online.

As a matter of interest, the statistics in the US and the UK have shown that year on year since 2011 of customers using online shopping as increased!
The biggest main feature for this is free delivery, ease and comfort of your own home, availability of products, the comfort of securing an item before you go to the high street store and better discount!
When it comes to the High Street and Online Shopping, both modes of shopping share the same feat when it comes to the use customer personal data!
There share the same collection of information such as address, contact numbers because either it’s used for delivery purposes or is used for statistic such as demographics (areas in the country by certain products)!
The issue for me is not the above, but because of either complacency or ignorance of our responsibility to ensure that we carry out diligent measures to protect our personal information.
It’s our responsibility so we must ask questions of our own conduct and act on them.
Before we can look at what we can do to address security of our data, I have summarised some of the computer terminology and services that in many cases seems like “mumbo jumbo” (confusing or meaningless subject), I hope to make things more transparent and easily digestible, to enable empowerment of your movement when using your data online.

We have read and it has been well documented on the website concerning the use of the Internet Cookie and more importantly the EU cookie law 2011 have made it compulsory that when customers are landing on websites, they are given the opportunity to either permit the use enabling a customer’s cookie to be used on that website or for it not to be used!
Not quite clear? Ok there are many more informed people out there who can explain as the mechanics of the Internet Cookie or as it well know HTTP Cookie and what levels and uses they carry out on the website!
Let’s step back from all that and try to look at this in a more digestible manner! You browse to a website, shopping, or just comparing prices, each time you enter a website you leave a footprint of your existence!

The whole point of cookies and the level of information they collect, are fine to a point, as without this mechanism websites wouldn’t function properly as they rely on your personal information to make your experience on their website an enjoyable one, hopefully leading to you as a customer to click through the website purchase a product!

The data that is collected and the use of this has been a question for a long time, hence websites have to show there Private Policy to explain what your data is used for and why!
This factor for me is not the issue, it’s the way your personal information is stored and for how long!
For a long time this factor of the storage of your data if kept for longer than necessary because a target for fraudsters, who have become adept in engineering ways to intercept and copy your most sensitive personal information.

Social Engineering - confidence tricksters

This is the art of manipulating people into revealing confidential information. Fraudsters are using every tick in the book to retrieve your sensitive data by conjuring up many  ways to  for you to innocently provide information that will lead to compromising your personal information and leaving you with either a debt or county judgement on your credit rating! Fraud, in most cases the attacker never comes face-to-face with the victims.

Typical scenarios of social engineering are those e-mails we often get, you know the ones! The offers that are incredibly too good to be true!

You know the answer, when something looks too good to be it’s more likely that it is!
Do not open and entertain, DELETE
Then there are some e-mails that centre the e-mail on emotional vulnerability, looking for you to participate in the scheme and getting a reward, but only if you can help by sending you bank details for the operation to be completed!
Again this is intended to work on your better nature and for you to drop your guard!
Please just delete and don’t entertain!
Watch out for the more ingenious methods that are now engineered and catching so many people out, simply because it’s designed to catch those of us that like to argue and dispute!

Don’t be in hindsight after the fact, do not entertain any e-mails that direct you to business websites to update you details for whatever reason, its FAKE!

No Banking establishment will ever ask you to send your personal banking details by e-mail, or PAYPAL would never ask you to do the same!
Never send your personal banking details or otherwise by e-mail via going to a re-directed link from an e-mail! This is designed to capture your details.
All the above cases are classed as “phishing scams”

Keystroke loggers- Keylogger Programs

Keylogger programs have gotten a LOT more sophisticated and a lot more common recently. These programs are hidden in other programs, and rely on infection (like viruses) rather than deception (like phishing).
Spyware is a type of malicious software (called ‘malware’) that scammers try to install on your computer.
In a sign of the growing diversity of phishing scams, a new e-mail combines social engineering tricks and HTML coding to defraud victims using a keylogging program that attempts to capture banking usernames and passwords.

All too often  people are succumbing to clicking on links through curiosity and not knowing the consequences all too often ends with the prospective fraudster embedding their programs within your internet browser, only to be triggered when you browse to certain sites like online banking!

Being aware and using common sense should be used at all times when opening e-mails of which 90% of e-mails we receive are junk mail!
More than ever people are conducting transactions on the internet, either purchasing products or online banking.
When you are completing both types of transactions you are entering your personal details on websites pages known as  Secure Sockets Layer (SSL), which in a nutshell a page that is encrypts sensitive information.

Encryption is the conversion of data into a form called ciphertext that cannot be easily understood by unauthorized people, within this process is decryption which is converting encrypted data back into its original form.

When you logon to a website you should be looking at various things to ensure that the site you are on is SECURE!
You should look for the following:-
When you are about to divulge your information, checking that the website address has HTTPS before the address, indicating a secure web page, if not DO NOT USE IT!
Also you can confirm that the webpage is encrypted by the padlock sign in the address window!

Online Banking
If you are logging onto a bank website then I would ensure that the cards you are using has been registered via your bank to a service called verified by visa!
It’s a service devised by credit companies who got together to help devise a single point of verifying a card owner’s card by carrying out secure steps every time you conduct a transaction online. You create an account and setup your secure details, which you authenticate every time you use your card online. These steps come under a secure process by verified by visa, 3D secure, authorisation, and settlement (not all cards come under verified by visa).

 

 

 

Added Security for online banking

Most of the banks have adapted to a service that all customers should use as a must called Trusteer Rapport, It disables key logging and screen capturing of credentials and personal information used to perpetrate account takeover and cross-channel fraud. Additional protection layers stop endpoint infection via drive-by-downloads and automate malware removal from infected devices. And, Phishing of login credentials and payment card data is blocked while fraud teams are notified of threat activity and compromised credentials. Trusteer Rapport for Online Banking software can be installed on any end user platform including Windows, Mac OS and Virtual Desktops.

Personal Tips!

Before you start looking into the tips below, if you’re PC is running like car with its brakes on, very slow, or its performance has steadily worsened over time or you suspect that your PC has been attacked by a virus! Then I would seriously consider, setting your computer back to when you first had it, this will entail re-installing your operating system, Windows 7 or Windows XP or Vista.

You will need to copy your personal files, photos etc. to an external storage device, such as pen drives, burn the data to a CD /DVD or an external hard drive. Whichever methods you use ensure you copy ALL your files, as when you re-install the software you will lose everything that was not backed up (copied), when apply back a fresh install of Windows 7, XP or Vista.

As below suggests, where you have a clean install or you have kept the same, ensure you keep your antivirus up to date.

Antivirus Protection

 

Free version – you get what you pay for!

Paid version – Ensure when you choose an Antivirus package included in that package you have anti-spyware and firewall!

The company is well known, as you will have continual updates of any critical virus outbreaks
Good after purchase support
The package you choose will have incorporated e-mail security and child monitoring options, to ensure they don’t start clicking on un-wanted websites and answering spam e-mail.
Regular antivirus updates

Credit Card security – Do reveal to anyone your card details!

Change your card at the bank every 6 months; it’s a sure way of ensuring that you don’t get complacent with leaving your card details on many vendor sites for too long! A great tip I was given by the Police when my credit card was compromised!



Security on your PC
Delete the following as often as you can!
Delete your Temporary internet files!

1.       Location is in your profile location on your PC, but if you follow below this will open up the files that are nested in the folder (not all the files will delete as you may have a program open that uses it!)

Windows 7, type in the run box below %temp%

Windows XP, click, start, run, type %temp%, then ok and the same folder will appear, delete all the files that will delete.

 

 

1.      Deleting History files from your device

            Internet Explorer open, click on TOOLS > INTERNET OPTIONS see below

 

Next click the check box – Delete browsing history on exit > Click the DELETE button

 

 

Check all the boxes as below to DELETE all relevant files that are saved on your computer that would otherwise be there to be exploited the longer they stay on your device!

     Click DELETE to complete the task

 

 

Summary

You must complete the above actions frequently, as this is just some ways malware (spyware) get to nestle in those locations to carry out their fraudulent actions of collection your most personal details from your computer.

It’s a must that you have an antivirus that has anti-spyware and firewall

Ensure when you divulge your personal details that the web page is secure, padlock icon and HTTPS is front of the web page address

Do not open spam e-mails and click on any links!

Subscribe your credit cards to verisign firstly speak to your bank!