I was recently interviewed by Margarette Burnette, a personal finance writer at NerdWallet and asked to offer an opinion to the question she entitled “Is it Safer to Bank by Phone or Computer? In this article she says “Two thirds of Americans use mobile or online banking as their main way to access their accounts. If you belong to that group, chances are you lean heavily on a smart phone or computer to pull up your bank information. But both gadgets also happen to be popular targets for online fraudsters itching to infiltrate your accounts”. You can view her report at the link I provided.
After researching the issues and thinking about some of the hard-earned lessons of investigating actual cases, I responded by saying that the safety infrastructure in both methods is very solid and constantly improving. They need to improve because determined fraudsters are always trying new methods to defeat the security structures of the systems. I chose to turn the question around and approach the answer from the perspective of the criminals. In other words, by “Thinking Like a Thief”.
If I were running a criminal organization and wanted to compromise the online banking world, my efforts would be directed towards attacking the smart phone side. People are trending away from relying on desktops, laptops, and tablets for every-day use. The smart phone is really a portable computer, completely mobile, and has many of the same security features as PCs and laptops. As our society moves more towards the connected world of the Internet of Things (IoT), 5G technology, smart homes and cities”, and the increasing capabilities of smart phones, we become more tethered to these devices. Criminal actors are always finding new ways to crack through the security features of our PCs, laptops, tablets and related peripherals. But they are also honing their skills to attack smart phones.
And, let’s face it, two of the weakest links to protecting our home, business, or smart phone cyber systems are e-mails and corrupted apps. Crooks rely on lax behavior by users such as not shielding their smart phones screens, using unprotected wi-fis, sending or receiving unsolicited emails, opening unverified attachments, downloading sketchy apps, or protecting the phones from theft. Considering the increasing reliance on smart phones, it appears to me that cyber criminals will be devoting more time and resources towards compromising the smart phone environment.
The reporter’s question may generate different answers but regardless of the devices used, learning and practicing good cyber hygiene has never been more important.
Additional blogs and podcasting on cyber security best practices are forthcoming.