I recently received the following interesting question from loyal reader Mary Allison: “Recently while watching a financial advice program on TV it was stated that it is never safe to have an e-mail account on the same computer system where you do your online banking. Is it true that you compromise your banking information when you have that information on the same system as your e-mail account? “
Not really. Email all by itself cannot do anything to your computer. Even if a scammer sends you an email, you still have to click a link or open an attachment to install nefarious software on your computer. Mary told me she heard this advice while watching Clark Howard on CNN. I researched Clark’s advice and this is not quite what he said. What he recommended is that you use one dedicated computer for financial stuff and another one for general web surfing. Since most viruses come from scams perpetuated through Facebook, Myspace, Twitter and especially porn surfing, it makes sense that if you don’t visit those kinds of site on a financial computer you are much less likely to fall prey to a scam. However I view this advice as essentially recommending that one computer be used for stupid stuff and one for serious stuff. Why not simply avoid doing stupid stuff to begin with?
The way many on-line banking scams works is like this: You fall prey to a scam in one of its various forms. The scam might install a “keylogger” that captures everything you type on your keyboard and sends it to a criminal. Said criminal will scan the text looking for something like “www.bankofamerica.com johnsmith 12345.” Even the stupidest scammer can tell that this is a bank website, username and password. With that information he has total control of your finances.
So, sure, if you can afford it, dedicate one computer for online financial stuff and make the teenagers and gullible family members use the other one. But for the rest of you, the best defense is to have updated antivirus software on your computer running at all times. Secondly, make sure you have all the Windows updates from Microsoft that patch security holes. Lastly, there is a nifty piece of software called Web of Trust that we install on clients who tend to be repeat offenders. It will pop up a big red flag in your browser that serves to warn you that the site you are visiting may be untrustworthy. Get it at www.mywot.com.
So, my advice is to not do silly stuff on a computer used for online banking. I know, the crooks are pretty good at scamming us, but my experience with you good folks tells me that even those most gullible of you actually know you are gullible. For those people (and for those with reckless teenagers in the house), this “dual computer” setup might be advisable. For the rest of us, simply continue to be skeptical.