Most Bank Sites Insecure, Says Recent Study
Online banking makes life easier, at least for those of us comfortable with the idea of transacting money from the home or office. Like most people, I assume that my bank's website is an extremely secure site, rigorously monitored to protect my money. Along with many other people, I may have been wrong.
A University of Michigan study released last week suggests that, of 214 financial institutions' websites, every one had design flaws and over three-quarters contained at least one flaw that could potentially put customers at risk. (Source: cnet.com)
One of the larger problems seems to be the placement of secure login boxes on insecure pages, thus negating the utility of the secure login and creating the possibility that clients could enter their personal information onto "spoofed pages".
55% of the sites investigated also contain confidential information on insecure pages. This could allow piracy of personal information, which could be used to obtain personal client information or access funds. Other faults included sites that didn't prompt users to enter more secure passwords or IDs that transferred clients to different domains without warning.
The study's organizer, computer science professor Atul Prakash said, "To our surprise, design flaws that could compromise security were widespread and included some of the largest banks in the country...[o]ur focus was on users who try to be careful, but unfortunately some bank sites make it hard for customers to make the right security decisions when doing online banking." (Source: informationweek.com)
Although most of the design flaws identified by Prakash and his team require more than a quick fix, he cautioned against boycotting online banking altogether. Most of the flaws, he advised, are difficult to capitalize on and the majority result from insecure Internet connections, such as a hotel network.
The University of Michigan study did not release the names of the institutions included in the research, but it is likely that every major financial institution in North America is scrambling today to ensure it can promise customers the most comprehensive security available.
Most popular articles
- Which Processor is Better: Intel or AMD? - Explained
- How to Prevent Ransomware in 2018 - 10 Steps
- 5 Best Anti Ransomware Software Free
- How to Fix: Computer / Network Infected with Ransomware (10 Steps)
- How to Fix: Your Computer is Infected, Call This Number (Scam)
- Scammed by Informatico Experts? Here's What to Do
- Scammed by Smart PC Experts? Here's What to Do
- Scammed by Right PC Experts? Here's What to Do
- Scammed by PC / Web Network Experts? Here's What to Do
- How to Fix: Windows Update Won't Update
- Explained: Do I need a VPN? Are VPNs Safe for Online Banking?
- Explained: VPN vs Proxy; What's the Difference?
- Explained: Difference Between VPN Server and VPN (Service)
- Forgot Password? How to: Reset Any Password: Windows Vista, 7, 8, 10
- How to: Use a Firewall to Block Full Screen Ads on Android
- Explained: Absolute Best way to Limit Data on Android
- Explained: Difference Between Dark Web, Deep Net, Darknet and More
- Explained: If I Reset Windows 10 will it Remove Malware?
My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 30 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).
We are BBB Accredited
We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.