SEARCH
« Oregon Dad Faces Foreclosure as Son Is Returning from Iraq | Main | Sprint and Motorola Launching More than 10 Devices in 2011 »
Friday
Jun102011

Citibank Breach: Six Tips to Bank Online Safely

Hemera Technologies/Thinkstock(NEW YORK) -- Citibank acknowledged that a data security breach has exposed information on about 210,000 of its bankcard customers.  While these data breaches seem to be growing more commonplace, experts offer tips to make online banking more secure.

Citi's incident, one of the first known hacking cases at a bank, compromised data including credit card account numbers, names and contact information like email addresses.  There have been several other public hacking announcements this year from Sony, Lockheed Martin, and Michael's Stores, leaving consumers feeling overwhelmed by security concerns.

Adam Levin, co-founder of Credit.com and former director of the New Jersey Division of Consumer Affairs, said it is best for consumers to carry the mindset that there will be more data breaches in the future.

"The level of sophistication of hacking has grown exponentially," Levin said.  "And the bad guys are ahead of the good guys."

Avivah Litan, security analyst with technology research and advisory firm Gartner, said that for both online banking and online credit card management, consumers have "very good protection" under a rule set forth by the Federal Reserve called Regulation E that limits consumer liability for unauthorized card usage.  Though consumers may experience an inconvenience, they will almost always recover financially, she said.

Large businesses usually can afford security protection for their banking.  But Litan said online banking for small businesses is "very risky" because Regulation E does not apply to businesses.

To limit the exposure of you or your business in online banking, here are some tips from some security experts:

1. Never accept incoming communications purporting to be from financial institutions you do business with, whether by email or phone call.

"Call them back using only the phone numbers published on your cards or statements," Richard Wang, manager of SophosLabs US, said.

2. Update your security software on your computer.

"Make sure it's malware protection and have the most sophisticated firewalls and anti-intrusion software," Levin said.  "Those start screaming at you anytime you're even near something that has a worm on it."

3. Check the security of your mobile device and your mobile banking apps.

Mobile banking and payments are becoming more common, which means hackers may pay more attention in that marketplace also.

Andrew Hoog, chief investigative officer of viaForensics, a digital forensics and security company, found three unencrypted (i.e., less secure) passwords in apps for Foursquare, LinkedIn and Netflix on the Android in a recent round of app security testing.  Citibank received a "pass" rating for its app.

4. When logging in to perform online transactions, always enter the website address directly in your browser.

Never click links that claim to take you to banking sites.

5. Use strong passwords and don't reuse your bank password elsewhere.

Use two factor authentication if your bank offers it, such as confirmation numbers by text message to your phone, Wang said.

Levin adds that you should even have unusual answers to additional security questions.

"If they ask for your mother's maiden name, say 'superwoman,' or something outrageous that you would only know," Levin said.

6. Be active in monitoring your financial accounts.

Levin said he does not believe eliminating your online accounts is the answer because they can be the best tools to monitor your financial activity in real time.  He suggests you monitor your online accounts at least once a day.

Copyright 2011 ABC News Radio

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.

PostPost a New Comment

Enter your information below to add a new comment.

My response is on my own website »
Author Email (optional):
Author URL (optional):
Post:
 
Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>






ABC News Radio