Not Paranoid Enough

Brad R Friday 11 June 2010 - 08:11:28  

I first heard this news story while I was traveling last week. Thanks to our friend Charles, I also found it in my email when I returned home. But last night, during dinner with some friends, I discovered that those friends were using their Windows PC to manage their bank accounts...so I realized the story hasn't been repeated enough:

Using Windows for a Day Cost Mac User $100,000

David Green normally only accessed his company's online bank account from his trusty Mac laptop. Then one day this April while he was home sick, Green found himself needing to authorize a transfer of money out of his firm's account. Trouble was, he'd left his Mac at work. So he decided to log in to the company's bank account using his wife's Windows PC.

Unfortunately for Green, that PC was the same computer his kids used to browse the Web, chat, and play games online. It was also the same computer that organized thieves had already compromised with a password-stealing Trojan horse program.

A few days later, the crooks used those same credentials to steal nearly $100,000 from the company's online accounts, sending the money in sub-$10,000 and sub-$5,000 chunks to 14 individuals across the United States.

As I said to our friends, "I'm paranoid...but I'm not paranoid enough." I never use a Windows PC to read email, or access our web server, or (especially) do anything financial. My desktop PC, my wife's desktop, and our "travel" netbook all run Linux. I don't save critical passwords in my PC's browser -- it might be stolen -- and I don't save any passwords in the netbook. I even use a separate browser for some tasks. And I never click on links in email.

And yet, I'm not paranoid enough. The experts suggest you at least use a dedicated computer to do your online banking; some suggest you go one step further and run a Live CD for banking. The advantage of a Live CD is that it can't get infected, and you always boot up into a clean system. Another advantage, if you're still using Windows, is that you can boot a Linux CD on your Windows PC.

Don't believe, as our friends did, that you're safe if you have the latest security software on your PC. As my mom learned the hard way, even if you run well-known anti-virus and anti-malware software, and are diligent about keeping it updated, your Windows PC can still get infected.
printer friendly