Data security woes

There is yet another article about “hackers” breaching security and stealing money from accounts. In this case the hackers installed key-logging software on public computers. Then, when people log into their accounts from the public computer, the software either sends or stores the username/password combinations.

This reminds me of an old scam from (I think) the ’80s. Criminals would put a fake front end on public ATMs and record account number / PIN combinations. For some reason that exploit faded away (probably the $300 daily limit).

Two things popped into my mind. Number one: who uses a public computer to access account information? That’s just silly. Number two: in the VPN world there has been a solution to this for a long time.

When you use a good quality VPN, you have a little device with a button on it. You enter your username, push the button and a single use password is generated for you. This password is good for all of about 60 seconds.
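Why a key-logged one-time password is of little use afterwards, as an added example that is not from the original post: the post does not say which algorithm the device uses, so this sketch assumes the open time-based scheme from RFC 6238 (TOTP) with a 60-second window, and the names `token_code` and `Verifier` are hypothetical.

```python
import hashlib
import hmac
import struct

STEP_SECONDS = 60  # lifetime of each code, matching the "about 60 seconds" above
DIGITS = 6


def hotp(secret: bytes, counter: int) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the counter, dynamically truncated."""
    digest = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def token_code(secret: bytes, now: float) -> str:
    """What the key fob would display at time `now` (seconds since epoch)."""
    return hotp(secret, int(now) // STEP_SECONDS)


class Verifier:
    """Server side: accepts the current window's code once, then never again."""

    def __init__(self, secret: bytes):
        self.secret = secret
        self.last_used_counter = -1

    def verify(self, code: str, now: float) -> bool:
        counter = int(now) // STEP_SECONDS
        if counter <= self.last_used_counter:
            return False  # this window's code was already used: replay
        expected = hotp(self.secret, counter)
        if not hmac.compare_digest(code.encode(), expected.encode()):
            return False  # wrong code, or a code from an expired window
        self.last_used_counter = counter
        return True


if __name__ == "__main__":
    secret = b"12345678901234567890"  # constructed demo secret (RFC 4226 test key)
    server = Verifier(secret)
    typed = token_code(secret, now=30)  # the user logs in 30 seconds into a window
    print("legitimate login:", server.verify(typed, now=30))
    print("key-logged code replayed in the same minute:", server.verify(typed, now=45))
    print("key-logged code replayed later:", server.verify(typed, now=130))
```

A real deployment also has to tolerate clock drift between the fob and the server, which this sketch leaves out.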

I have only seen one financial institution that used this system, E-Trade. Oddly enough, they are one of two companies mentioned in the article. I am guessing that the key fob must be an option for accounts and costs extra money.

My question to all the Advisors is this: Are you sure you don’t have malicious software installed at your office? I can’t imagine the damage that would happen if a hacker got a hold of a back-office trading system password.

At home, I use three different pieces of software to protect me: Norton AntiVirus, Lavasoft Ad-Aware and Windows Firewall. I also use Mozilla Firefox as my browser because it has more security options. As a forensic tool I use HijackThis. Sometimes even this is not enough.

You have to be vigilant. If my computer slows down for some reason, I will investigate it. I constantly use CCleaner to review my startup entries, remove things and look for anomalies.

Granted, I go pretty far with this, but I read internet articles all the time. You should at least have a good antivirus solution installed and use a firewall. I would say if you don’t at least do this you are being negligent.

I would include this combination for any computer, even if it does not connect to the internet. You never know when one of your clients or vendors will unknowingly give you an infected disc to read from.

As my Drill Sergeant used to say, if you’re going out in public make sure you’re protected.

1 Comment

  1. Matt Abar said,

    January 19, 2007 at 10:42 pm

    I don’t think the ATM scam faded away. I saw an episode of CSI recently where they caught a guy doing it. He had his own card reader attached to the machine and was using a long-zoom video camera to capture their PIN code from his car.

    And if you see something on a TV drama show it’s gotta be true in real life.
