Online bankng security

RussJK

Main thing is to avoid getting infected in the first place, without bogging things down with excess security

I'd keep Avast and Windows firewall, and get rid of Zone Alarm and disable Windows Defender.

Malwarebytes free is a very good option for manual scans - also the 'Pro' version is well worth the money for a lifetime licence, approx £15 last I checked: https://forums.moneysavingexpert.com/discussion/3168692

You can use something like Norton DNS, which will help prevent infection and is particularly good at avoiding phishing sites:
http://nortondns.com/

I wouldn't waste time with Trusteer Rapport due to the noticeable system slowdown (and because I think prevention is a better approach) - but I'll admit it does do its job according to MRG tests (http://malwareresearchgroup.com/).

If you use Firefox, then Adblock Plus with EasyList and Malware Domains subscriptions are useful (http://adblockplus.org/en/subscriptions). IE8 only supports 'Simple Adblock' unfortunately.

It's very important to keep everything up to date, especially programs like Adobe PDF Reader, Sun Java, and Adobe Flash. These are some of the most 'exploited' programs, meaning that criminals will exploit certain vulnerabilities in the software in order to cause you to be infected.

The worst offender is Sun Java. For example right now approx 80% of people who are infected with banking trojans by the 'Blackhole Exploit Kit' get it because of vulnerabilities in Java. This is according to statistics taken in June from a malware server by security researchers (http://labs.m86security.com/wp-content/uploads/2011/06/Statistics.png). It's best to uninstall Sun Java completely if you don't use it (at worst, just reinstall it if a needed program uses it).

Otherwise, just be smart on the net e.g. avoid clicking on strange links or attachments sent via email, or on the deliberately outrageous links in Facebook, etc.

RussJK

There are a few ways to stay up-to-date beyond just having Windows Updates set to automatic.

I use Filehippo Updatechecker, as it's simple and light: http://www.filehippo.com/updatechecker/. I've set it to only run when I choose to.

Another is Secunia PSI
http://secunia.com/vulnerability_scanning/personal/

Secunia is great and will do everything in the background for you. One caveat is that it installs itself to run all the time, so it would be one more thing running.

oldfella

I have no faith whatever in Windows - IMHO its just a matter of time before the badguys come up with some new exploit

its probably not for non techies, but my suggestion is to run Linux from a USB pendrive for your banking sessions. I use Slax.

set it up so nothing can write to the pendrive, and run a firewall which only allows https connections and port 80 http connections to bank URLs.

this setup only allows connections to and from the destinations you authorise, and in the extremely unlikely event of an exploit, it cant write to the USB disk so next time you load it doesnt exist.

RussJK

oldfella wrote: »

set it up so nothing can write to the pendrive, and run a firewall which only allows https connections and port 80 http connections to bank URLs.

This won't help if the router itself has been compromised:

Windows based malware can change the DNS settings on the router e.g. Zlob / DNSChanger. Easy enough to detect if one thinks to look, or prevent with a strong password.

Worse but rarer, attackers can attempt to replace the firmware on vulnerable routers with a compromised version, so even resetting the router won't help. Hard to detect for most people; prevention is mainly based on password strength and turning off remote access.

Still, to be closer to failsafe you'd have to at least resolve the bank domains yourself with a hosts file and not just rely on DNS.

alanq

RussJK wrote: »

Another is Secunia PSI
http://secunia.com/vulnerability_scanning/personal/

Secunia is great and will do everything in the background for you. One caveat is that it installs itself to run all the time, so it would be one more thing running.

There is also OSI which is a less thorough checker from Secunia that runs online without installing anything on ones PC.
http://secunia.com/vulnerability_scanning/online/

RussJK

alanq wrote: »

There is also OSI which is a less thorough checker from Secunia that runs online without installing anything on ones PC.
http://secunia.com/vulnerability_scanning/online/

Needs Java though, so only worthwhile for people who for some reason need Java, e.g. minecraft addicts I've not looked much into how secure alternative Java runtimes are though.

For everyone else, I'm always going to say 'get rid of Java if you don't need it'.

masonic

RussJK wrote: »

This won't help if the router itself has been compromised:

It depends whether the OS is set up to forward DNS queries to the router or if DNS servers are specified in the network configuration of the OS. I've come across liveCDs that have been configured to use OpenDNS within the OS by default.

Money_Saving_Dude

Some good advice so far,

Also, remember the golden rule:

NEVER, EVER click on a link in an email, Ever.

Don't do it. Ever.

iltisman

I use an old computer with a new hard drive fitted for bank access. I only use it for bank use and never for emails etc. I always shut down my other PC when on line. I feel if their is a problem
and I have to argue with the bank this will put me in a better position.

StevieJ

iltisman wrote: »

I use an old computer with a new hard drive fitted for bank access. I only use it for bank use and never for emails etc. I always shut down my other PC when on line. I feel if their is a problem
and I have to argue with the bank this will put me in a better position.

I don't suppose you need a new hard drive just a reformat and reinstallation of the original software and updates.