[BobC]

James (Jim) Hillier, on 14 September 2011 - 08:03 AM, said:

Hey Bob - That is not quite correct mate; banking, paying bills and purchasing online is very safe. All those types of financial transactions use a very secure connection where all data is encrypted - AND, passwords are NOT stored in any external database. The risky part is keeping passwords, banking account and log-in details actually stored on the computer. If you simply input those details when needed, from an external source (such as a written record), you are as safe as...um...err...the Bank of England!!  LOL

Cheers mate....Jim

Not always. I'm in the US. We have had bank accounts compromised. Personally, I do not store any personal information on my PC. My kids, who do on-line banking, on-line purchases and other on-line transactions have already received e-mails that the databases were hacked and their account information may have been compromised. Why, even the Linux Kernel was recently "hacked". Granted, it isn't going to bring the world to an end, but if it can be hacked it will. The Chinese have hacked into US government databases and have obtained secret and sensitive information. I've worked with computers for over 50 years.I actually started on April Fool's day in 1961 (biggest April Fool's joke of my life). There have only been a few systems (mainframes, actually) that have not been hacked (at least to my knowledge and, a challenge at one time, I seem to recall by 2600 magazine). And if you can't hack into it, its too easy to buy off underpaid employees to plug in a USB stick, download sensitive data and then sell it for a tidy sum. You may call me paranoid, foolish and a number of other designations, but I'll do my transactions in person whenever I can. And, yes, I realize that once I pass my credit card information in person or over the phone, it will end up in a database that can be hacked, but at least I didn't make it any easier. Also, it pays to put a limit on credit cards and to go over your monthly statements. Another problem in the US is your Social Security no. It is recommended you don't give it out. But guess what, it is used as a personal identification number by just about everyone. Obviously, anything you do that has tax implications requires giving your SSN. But go to a doctor, hospital, driver's license, and a number of other non-financial situations and they won't do business with you if you don't give your SSN. Its stupid and unfortunate, but that is the way it is here. One's SSN was being used for other purposes than its original intent for years before computers became "mainstream". It just carried over. And, cheers to you too, Jim.

[google]

Bob, even doing transactions manually still means your on a database, and so are your details, everything is available to anyone at any time should they have the ability to hack into these systems, no matter how much we dislike the idea.   If you're saying you personally wouldn't conduct a transaction online due to the security implications then you are of course minimising your chances of being a victim of online fraud though I would think it easier to be mugged in the street for your cash, credit card details and name and address from a utility bill rather than be victim of an online fraud - people even go through bins now to steal identities and fix all kinds of devices to cash machines to catch your cards and pin numbers.   The way I see it is the less paperwork I have available for prying eyes and the fewer transactions I make in public, the better.   I would trust my bank or online supplier and their transaction processes more than I would an average joe in the street.

Problem is, the vast majority of people who are, or have been, victims of online fraud have done very little to help themselves.   I've heard of people filling in emails with banking details, pin numbers and all sorts of other sensitive information and then kicking off at the bank because someone emptied their account, this, after many years of warnings from banks and other financial institutions to never respond to such emails.   Then we have those who surf the net with little regard of what they download or which sites they visit, and they wonder why their computers are infested and information obtained by third parties.   Those who think that sticking an antivirus program or firewall on their computer deems them untouchable are seriously misguided I'm afraid, it takes common sense to use the internet these days, it takes a little suspicion to stay one step ahead of the bad guys.   No-one is untouchable, but as long as we remain sensible and question online activities and dare I say it, even attempt to educate ourselves a little better about online safety, hey! we could just all survive.

[BobC]

google, on 14 September 2011 - 10:45 AM, said:

Bob, even doing transactions manually still means your on a database, and so are your details, everything is available to anyone at any time should they have the ability to hack into these systems, no matter how much we dislike the idea.   If you're saying you personally wouldn't conduct a transaction online due to the security implications then you are of course minimising your chances of being a victim of online fraud though I would think it easier to be mugged in the street for your cash, credit card details and name and address from a utility bill rather than be victim of an online fraud - people even go through bins now to steal identities and fix all kinds of devices to cash machines to catch your cards and pin numbers.   The way I see it is the less paperwork I have available for prying eyes and the fewer transactions I make in public, the better.   I would trust my bank or online supplier and their transaction processes more than I would an average joe in the street.

Problem is, the vast majority of people who are, or have been, victims of online fraud have done very little to help themselves.   I've heard of people filling in emails with banking details, pin numbers and all sorts of other sensitive information and then kicking off at the bank because someone emptied their account, this, after many years of warnings from banks and other financial institutions to never respond to such emails.   Then we have those who surf the net with little regard of what they download or which sites they visit, and they wonder why their computers are infested and information obtained by third parties.   Those who think that sticking an antivirus program or firewall on their computer deems them untouchable are seriously misguided I'm afraid, it takes common sense to use the internet these days, it takes a little suspicion to stay one step ahead of the bad guys.   No-one is untouchable, but as long as we remain sensible and question online activities and dare I say it, even attempt to educate ourselves a little better about online safety, hey! we could just all survive.

As I pointed out, i am well aware that even face-to-face or over the phone transactions typically result in my credit card (or other sensitive information) getting stored in a database that can (and [probably will) be hacked some day. Of course, it also depends upon system being used. If its a Windows Server, the likelihood is much higher than say a Linux Server (IMO). However, some mainframes are very secure - of course, if some hacker has the capability to tap into the transmission to the server (or, more likely, a desktop (laptop, etc.) being used as a "terminal" to transmit the data. I don't dispute that a lot of people tend to treat PCs the same as turning on their TV and are lax in security. I don't disagree that you can get mugged, but it is much easier to spoof and scam people over the internet out of their money because most PC users haven't a clue until they get taken. As I mentioned in my previous post, I'd rather be paranoid about doing financial transactions over the internet than allow another avenue to lose my hard-earned money. Personally, if I had no other choice but to do a transaction over the internet, I'd use a live CD (e.g., Ubuntu) and take the extra effort (and store any "receipts" on a "clean USB stick". At least (I hope) that the live CD download was not infected somehow. Anyway, we can discuss this until we are "blue in the face" and neither will budge.