Step cautiously into an online bank
Interest rates and convenience are high, but so are security concerns. And customers have to be especially vigilant.
from the April 2, 2007 edition
Page 3 of 3
Safeguards a must
Despite growing acceptance of virtual accounts, safeguards remain crucial for reducing risk. The challenge for consumers is to recognize what the risks are and how to block them.
"In the online banking world, the risks are a little bit different" than in bricks-and-mortar banking, says Ron Teixeira, executive director of the National Cyber Security Alliance, a nonprofit cosponsored by federal agencies and private donors, including computer security companies. "Unfortunately, the risks are a little bit closer to home [in virtual banking] because they exist on your computer."
Example: a computer virus or spyware attack could result in the transmission of account information or passwords to a would-be thief anywhere in the world. Mr. Teixeira points to what happened to one man's online trading account during the summer of 2005. A fraudster, he says, used a virus to infect his computer (which didn't have up-to-date antivirus software), monitor his keystrokes, sell the man's stocks, and move funds to the fraudster's bank. When the man logged on to check his portfolio, his life's savings of $174,000 was gone. He had no legal recourse, but the online brokerage opted to reimburse his account, Mr. Teixeira says. He suggests that a similar problem could happen to someone's Internet bank account. The lesson is to maintain up-to-date antivirus and antispyware software. Consumers also need to download free updates for their operating systems, such as those for Windows, to plug holes that violators may try to exploit.
Even with these defenses, vulnerabilities may persist. Both Teixeira and Colarik warn of so-called "man in the middle" attacks in which a perpetrator intercepts communication between a customer and an online bank and steals enough information to redirect funds. Teixeira says these violations are most likely to happen when a person accesses an account through an unsecured wireless platform, such as one offered at a cafe or hotel, where a thief might monitor a transaction surreptitiously.
Proper safeguards are necessary in part because the Federal Deposit Insurance Corp. (FDIC) doesn't insure against theft. Meanwhile, financial advisers say even Internet-savvy clients shouldn't close up their bricks-and-mortar accounts altogether.
"There are always things coming up where you want to go talk to your banker" in person, says Peter Cacioppo, a financial planner in Moraga, Calif. Example: a person who sells a car may want a trusted banker to verify whether a check is valid. And a virtual bank will probably take longer than a traditional bank to cash that check. The usual protocol at virtual banks is to endorse the check and drop it in the mail for depositing.
RSS feed
