In light of my last post, “120M Stolen By Hackers in Three Months”, I want to reiterate what I said in “ABA Recommends Using Dedicated PC for Online Banking.” This is the way I would do it:
…set up a PC with Microsoft’s Steady State, disable any Internet access except to the bank’s online application and uninstall Outlook Express. I would make a completely locked down and hardened installation of Windows with all services disabled except for essentials. Assign a static IP address to the machine. I would use a software firewall and disable all ports except 80 and 443. Of course, anti-malware software would be essential.
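As an added example that is not part of the original post, here is how the allow-list described above (no Internet access except to the bank, firewall closed except for the web ports) can be enforced with the Windows Firewall from PowerShell. It assumes the NetSecurity cmdlets (Windows 8 / Server 2012 or later, rather than the Steady State era the post is written in), an elevated session, and placeholder values for the bank host, the DNS resolver and the rule names.

```powershell
# Added example (not from the original post): outbound allow-list for a dedicated
# banking PC. Requires Windows 8 / Server 2012 or later and an elevated session.
#Requires -RunAsAdministrator

$BankHost   = 'onlinebanking.example.com'   # placeholder: the bank's web application host
$Resolver   = '192.0.2.53'                  # placeholder: the only DNS resolver this PC may query
$RulePrefix = 'BankingPC'                   # placeholder: prefix for the rules created here

# Resolve the bank host once and pin the rule to those addresses. -RemoteAddress does not
# accept host names, so re-run this script if the bank's addresses change.
$BankAddrs = Resolve-DnsName -Name $BankHost -Type A -DnsOnly -Server $Resolver |
    Where-Object Type -eq 'A' | Select-Object -ExpandProperty IPAddress
if (-not $BankAddrs) { throw "Could not resolve $BankHost; no firewall changes were made." }

# Remove rules from a previous run so the script is idempotent.
Get-NetFirewallRule -DisplayName "$RulePrefix-*" -ErrorAction SilentlyContinue |
    Remove-NetFirewallRule

# Default-deny in both directions on every profile. Inbound is blocked by default already;
# outbound default-deny is what "disable all ports except 80 and 443" actually requires.
Set-NetFirewallProfile -Profile Domain,Private,Public -Enabled True `
    -DefaultInboundAction Block -DefaultOutboundAction Block

# 1. DNS to the chosen resolver only, so the bank host can still be looked up.
New-NetFirewallRule -DisplayName "$RulePrefix-DNS" -Direction Outbound -Action Allow `
    -Protocol UDP -RemotePort 53 -RemoteAddress $Resolver | Out-Null

# 2. HTTPS to the bank's addresses only. Port 80 is deliberately left closed: the post allows
#    it, but it is only needed for the HTTP->HTTPS redirect, and typing the https:// address
#    directly means nothing is ever sent in the clear.
New-NetFirewallRule -DisplayName "$RulePrefix-HTTPS" -Direction Outbound -Action Allow `
    -Protocol TCP -RemotePort 443 -RemoteAddress $BankAddrs | Out-Null

# Caveat: with outbound default-deny, Windows Update and the security suite's signature
# downloads are blocked as well. Patch on a schedule by temporarily setting
# -DefaultOutboundAction Allow, then re-run this script to restore the allow-list.

# Verify: the bank must be reachable on 443 and an unrelated host must not be.
$bankOk  = Test-NetConnection -ComputerName $BankAddrs[0] -Port 443 -InformationLevel Quiet
$otherOk = Test-NetConnection -ComputerName 'www.example.net' -Port 443 `
    -InformationLevel Quiet -WarningAction SilentlyContinue
"Bank reachable on 443 (expected True):        $bankOk"
"Other site reachable on 443 (expected False): $otherOk"
```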
In the March 2010 issue of SANS Ouch! (Vol. 7 No. 3), you’ll find this advice:
* Keep your dedicated computer out of reach, or even better, under lock and key
* Set a strong password for the Administrator account
* Create a second account that has limited privileges and always use this account for your online banking
* Contact your computer support provider for information about how to add, remove and change user accounts
* Turn your dedicated computer off when not in use to help prevent network-based intrusions
* Keep the operating system secure by applying patches and updates promptly
* Don’t scrimp on security software; install a good-quality security suite and keep it updated
* Never use a wireless connection for online banking
* Use a strong password for your online banking account, and do not use that password anywhere else (Strong password tips:
Either way, the key is to use a secure, dedicated system. And if you spot any unauthorized activity, or suspect your information has been compromised in any way, the Federal Trade Commission recommends you take the following actions:
* Notify your bank and credit card companies immediately
* Close all affected accounts
* Notify the major credit reporting agencies
* File a report with the Federal Trade Commission
* File a report with the police
Find more advice in the ABA Education Foundation article, “Protect Your Financial Identity”.
Just do it!