Way back in 2006, the University of Michigan conducted a study of 214 banking sites. A few details of the study have just been released, with the full findings to come on Friday, July 25.

The study found that more than 75% of the sites had design flaws that could allow login credentials or other confidential data to be stolen. These are vulnerabilities that cannot be fixed with a software patch.

For example, nearly half the sites didn’t use (secure sockets layer) to encrypt login pages. This makes it easier for a hacker to steal your login info, without you even knowing it. Another problem was putting sensitive or confidential information on insecure pages.

In some cases, users were allowed to choose weak IDs and passwords. Some banks emailed and statements, which is risky since email is not secure.

Although the study was done in 2006, many of the problems are believed to still affect banking sites. If you do your banking online, at least make sure that every page you enter data on, is secure. It must begin with https://… and you must see that little gold padlock in the upper or lower part of your screen.

For more on Internet banking, read this post from last January:
http://mypcsecurityblog.com/alerts/do-you-do-your-banking-online-read-this

Syd Tash is a noted computer security consultant and author of How to Protect Your Computer Online. He has been keeping Internet surfers safe and secure since the last century. Find out how he does it; protect your own computer with five layers of protection right here: = > http://MyPCSecuritySite.com

You may include these Tips in your Web sites and publications provided they remain unchanged and include the above paragraph, with the author’s name and Web site. You can also get a direct URL to this post. Click the title, then copy the URL in the browser address bar.

If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!