|
I connect to my bank's website via my favourites bar. I've been told that this is a risky method. Is it any more risky than using my favourites list or labouriously typing the website address into the address bar at the top every time? What's the safest method? I'm the sole user of my computer.
|
>> I've been told that this is a risky method
Who by?
|
>> Who by?
>>
A well-meaning but not necessarily well-informed acquaintance. I take it that you don't agree.
|
>> I take it that you don't agree.
Just curious more than anything. I'm of the same view as you and can't see it being any more risky than having it as a favourite, or shortcut icon on your desktop.
I take it you still have to enter some log in details anyway?
|
>> I take it you still have to enter some log in details anyway?
The danger being presumably that if you had been redirected to a dodgy site, they would then be able to use those details to access your account on the real site.
|
|
Using IE9 with Bing suggestions turned on, if I start typing 'nationwide' into the address box, the name appears 4th in the list after just typing 'na'. Assuming you can trust the Bing results, that's I guess a pretty safe way of doing it and not too laborious.
|
Unless you want to be ridiculously paranoid, then the only fear is that you will go to the wrong site. Unless you're storing your username and password, then I would think all that someone could find out from you would be the URL of the site - which is public knowledge anyway.
So the question is which is least likely to get you to the wrong site -
Type it in each time could lead to a typo and take you elsewhere
Type it into search each time and then select it could you to inadvertently select the wrong one if the order changed
Type it once into your favourites and forever use that? Well, that would seem to be the least likely to cause an unintentional error.
If you use it a lot, then have it in your favourites, then drag and drop that favourite to your desktop to create a shortcut icon.
Aside from all of that, storing your username or password within your browser may be a risk you want to think carefully about and probably not do.
|
I think your friend has got it 100% the wrong way round. The normal security advice is to use favourites to save the correct site address.
If you type the address in each time the danger is that a simple typing error may lead you to be directed to a fraudulent dummy site set up and designed to collect your bank details.
|
Doesn't Nationwide use a widget or a PIN sentry anyway? Firstdirect doesn't, but you don't enter the whole password either. I use a shortcut and also check the url in the address box.
I am extra careful with PayPal. You enter the whole password. If a scam can direct you to a fake site then it could capture your login and full password.
|
>> Doesn't Nationwide use a widget or a PIN sentry anyway?
Widget, yes - although you can opt to use 3 (IIRC) pieces of personal info.
It's not that I type the URL for security reasons - just haven't got round to bookmarking it. Don't use it that often.
Last edited by: Focusless on Tue 11 Dec 12 at 10:16
|
>> Doesn't Nationwide use a widget or a PIN sentry anyway?
I have a Pinsentry device for Barclays but it's only mandatory to use it to make payments to someone for the first time.
|
>> If you type the address in each time the danger is that a simple typing
>> error may lead you to be directed to a fraudulent dummy site set up and
>> designed to collect your bank details.
That makes sense.
|
|
But you don't type the address - you let Bing supply it for you (if you're worried about it).
Last edited by: Focusless on Tue 11 Dec 12 at 10:18
|
>> But you don't type the address - you let Bing supply it for you (if
>> you're worried about it).
>>
I meant using the address bar (but not necessarily typing in the whole address), rather than using my favourites list or favourites bar
|
>> I meant using the address bar (but not necessarily typing in the whole address)
I can't see the danger in that case - for nationwide I just have to type 'na' for Bing to find the nationwide site. Hopefully it's unlikely that it would provide me with a dodgy site, even if I spelled it ('na') wrong.
Last edited by: Focusless on Tue 11 Dec 12 at 10:32
|
>> I take it you still have to enter some log in details anyway?
>>
Yep.
|
Save in favourites so as to be directed to correct site. Suppose there's an outside chance of malware detecting then amending the favourite, pretty remote though if you've got decent security.
Santander have recently amended their log in so it will no longer remember personal id. Even when it did you still need two PINs. And there's my chosen picture and associated phrase as re-assurance that I'm not on a hookey version of the site.
|
|
Santander also recommend using Rapport software to protect password entry; also they've spread the log-in procedure over two pages
|
>> Santander also recommend using Rapport software to protect password entry; also they've spread the log-in
>> procedure over two pages
>>
As do Natwest and Nationwide. Trusteer Rapport is Free
www.nationwide.co.uk/internetbanking/onlinesecurity/howwekeepyousafe/trusteer.htm
www.natwest.com/personal/online-banking/g1/banking-safely-online/rapport/download.ashx
Barcalys, which seems to be L'escargot's bank offers free
www.barclays.co.uk/Helpsupport/Freeinternetsecuritysoftware/P1242557966961
|
>> >> Santander also recommend using Rapport software to protect password entry; also they've spread the
>> log-in
>> >> procedure over two pages
>> >>
>>
>> As do Natwest and Nationwide. Trusteer Rapport is Free
>>
And FirstDirect too.
|
|
And Nat West, and its rubbish. Not Nat West - Rapport.
Last edited by: Zero on Tue 11 Dec 12 at 11:19
|
>> And Nat West,
>>
As I said.
>> and its rubbish. Not Nat West - Rapport.
>>
But having it means the Bank has less, however little that may be, wriggle room to void your claim if something goes wrong.
It must be truly rubbish if so many Banks recommend it.
|
Must be really good if they give it away for nothing. Oh wait! the company is owned by venture capitalists, who in turn are in hock to the banks!
Tell you what, stick it on and then come back and tell me how well its crapped your pc performance.
Last edited by: Zero on Tue 11 Dec 12 at 12:03
|
>> And Nat West, and its rubbish. Not Nat West - Rapport.
>>
Agreed. It's low-level squirrelling into your machine and its near-impossibility to remove cleanly makes the infamous "Sony rootkit" look like the work of altruistic saints.
My wife's bank tried to get her to install it. I took a look at the T's and C's, spotted the bit where it said that once she'd used it to connect with them they would never accept a connection from her without it, thought "Aha. Ransomware." and told her to tell 'em to get knotted.
If I'm ever forced into a position where I have to use it, I'll be creating a Virtual Machine for it to run in.
My favourite example of the perils of banking "security software" was something foisted on my mother by First Direct. That started up, spotted the BT software running her then dialup connection, decided it was moody and removed it. Cue pantomime exercise of "You can't connect to us without it" / "Well I can't connect to anything with it.....".
|
>> Agreed. It's low-level squirrelling into your machine and its near-impossibility to remove cleanly makes the
>> infamous "Sony rootkit" look like the work of altruistic saints.
utter nonsense.
>> My wife's bank tried to get her to install it. I took a look at
>> the T's and C's, spotted the bit where it said that once she'd used it
>> to connect with them they would never accept a connection from her without it, thought
>>
Proof? Otherwise just more hoax/scaremognering.
|
>> Barcalys, which seems to be L'escargot's bank .........
One of my banks.
>> ........... offers free
>> www.barclays.co.uk/Helpsupport/Freeinternetsecuritysoftware/P1242557966961
I imagine it's only free for one year. I had Kaspersky installed by the retailer of my latest computer when I bought it.
|
>> I imagine it's only free for one year.
>>
Your imagination is wrong.
|
>> >> I imagine it's only free for one year.
>> >>
>>
>> Your imagination is wrong.
So is there no yearly subscription?
|
>> >> I imagine it's only free for one year.
>> >>
>>
>> Your imagination is wrong.
It says I can upgrade from my current KIS 2012 to KIS 2013, but it also says .............
"You are eligible to receive a one-year licence for the software from Kaspersky Lab free of charge if you are registered to use Barclays Online Banking ('Offer')."
I assume that implies that at the end of the year a subscription is necessary, whch is the same terms as the KIS 2012 which I already have installed.
|
>> I assume that implies that at the end of the year a subscription is necessary,
>> whch is the same terms as the KIS 2012 which I already have installed.
>>
You do like being spoonfed, don't you, L'es?
At the end of the year, if you are still with Barclays, you renew your licence free as per the instructions on Barclays website.
Last edited by: John H on Tue 11 Dec 12 at 11:49
|
>> You do like being spoonfed, don't you, L'es?
I was brought up in the era of the abacus, so what do you expect? I've had absolutely no formal computer training, so I'm almost totally self-taught (largely by trial and error) plus what I've learned from Car4players.
Last edited by: L'escargot on Tue 11 Dec 12 at 12:27
|
>> I was brought up in the era of the abacus, so what do you expect?
>>
>>
Nothing to do with numeracy. Literacy, yes. :)
Facility to renew Barclay's free AV, annually, is explained in English.
|
>> Nothing to do with numeracy. Literacy, yes. :)
>> Facility to renew Barclay's free AV, annually, is explained in English.
Sacré bleu et zut alors! I bet my English is better than your French.
;-)
|
Trusteer Rapport doesn't seem to offer me much that other installed security and common sense do. Neither can I install it on work or public machines where I might want to quickly check my balance.
It's also spyware reporting 'suspicious' activity back to the bank. Admittedly in the name of gathering intelligence for fraud prevention but none the less still spyware in my book.
|
>> It's also spyware reporting 'suspicious' activity back to the bank. Admittedly in the name of
>> gathering intelligence for fraud prevention but none the less still spyware in my book.
>>
AFAIK
1. that is scaremongering.
2. Q. "Why does Rapport communicate with the outside world?"
2. A. " Rapport communicates with Trusteer's central policy server to receive automatic software and policy updates. Additionally, Rapport sends anonymous reports about security events and internal errors to a central server. This information is used to improve the product and the policy. You can specifically instruct Rapport not to send any information."
However, you may know different. In which case, please do tell me.
Last edited by: John H on Tue 11 Dec 12 at 13:19
|
Favourites bar, IE9 - VxFan
