Before You Pay, Pray

An interesting but confused (to put it nicely) <a href="http://finance.yahoo.com/banking-budgetingk/article/109549/could-online-hackers-steal-your-cash">article</a> covering online banking prompted a pretty saucy <a href="http://righteousit.wordpress.com/2010/05/17/not-news-is-bad-news/">response</a> from an industry expert Monday.

An interesting but confused (to put it nicely) article covering online banking prompted a pretty saucy response from an industry expert Monday.

I decided I would explore the issue because it's important, and my fiancee recently had her identify stolen. Obviously having your identity stolen and your bank account information compromised are two entirely different things, but they both throw twists and turns into your life that are neither pleasant nor sustainable. Trust me, after dealing with credit bureaus, banks, companies and federal organizations, you just about want to shred your credit cards, close your bank accounts and hide cash under your bed for the rest of your life.

Anyway, the article, courtesy of bankrate.com, seems to have made the biggest mistake of all when it comes to online banking stories; it gave users hope. The article explained that your bank could be safer than others based on the number of security layers it implements. It even gave a list of ways users can help protect their accounts. Nice try folks. Hal Pomeranz, a security expert at Deer Run Associates, put the kibosh on this sort of talk:

"The reality that banks may not want to admit right now is that readily available malware kits like Zeus are completely bypassing the bank's online security protocols," Pomeranz writes. "This happens because the attacker has simply taken over the victim's machine and is using the victim's own credentials to conduct the fraudulent transactions."

So maybe before you bank online you should just pray? Pomeranz didn't address this option.

But if you read the entire post, he essentially says there is no hope until banks pony up the cash to make the systems safer. Unfortunately, there's no incentive to do this because liability falls on the consumer. So don't change your password 10 times a month, and don't freak out if when logging in the bank doesn't ask for your mother's maiden name. If you're targeted, you're probably getting hacked whether you have numbers and special characters in your password or not. Sorry folks.