Ask Leo! #691 – Is Online Banking Safe?

The Ask Leo! Newsletter - Be sure to allow image display for the best viewing

This Week's Newsletter

Online banking is as safe the alternatives, as long as you practice proper internet hygiene, of course.

Also this week: ads that follow you on websites is one thing, but by email? And just how do websites store passwords so as to only frustrate hackers?


Last week's Tech Enthusiast Hour podcast was recorded the night before the Falcon Heavy launch, so we were speculating whether it would come down in three pieces, or millions of pieces. This week I expect we'll discuss how it turned out those weren't the only two options, along with other tech news of the week, of course.

Is Online Banking Safe?


I would think that no PC would be immune from malicious threats if they landed on some corrupt site that then installed malware or key-capture software. Is there any reasonable way to continue to safely do online banking?


Avoid getting infected.

I know, that sounds trite and flippant, and I don't mean to be so. Ultimately, though, all the advice boils down to exactly that: do what it takes to stay safe on the internet.

I regularly bank online. In fact, I've done so for years without incident. I much prefer it over the alternatives.

Follow the basics

It really boils down to remembering and religiously following the basics.

Use a strong password – Much of the account theft I see is due to poor passwords. You must have a strong password on your banking accounts. It's your best, first line of defense.

Don't share passwords – Giving your password to someone you “trust” is another way banking accounts often get compromised. The problem arises when the individual turns out to be not so trustworthy or not as security-conscious as you need them to be.

Use two-factor when available – Two-factor (also “multi-factor”) authentication prevents unauthorized entry into your accounts even when the password is known. Using SMS, a dedicated app, or some other approach is the best way to truly lock down your most important accounts.

Open only email attachments you trust – If you're the least bit uncertain, don't open 'em. Email attachments are, by far, the most common way malware lands on machines these days.

Learn to recognize and avoid phishing – In order to fool you, hackers constantly send email that looks like it came from your bank. Don't click on links in email messages from your bank. Instead, visit your bank as you would without the email: type the address of your bank's website into the browser address bar (or use a bookmark you saved previously).

Secure your network Make sure to secure your router. Understand what it means to use an open Wi-Fi hotspot or other shared network connection safely. Yes, you can bank online safely when traveling (again, it's something I do), but it does require that you pay attention to network security.

Avoid shared or public computers, period – While library computers or the machine you can borrow while visiting your friend might be convenient, you have no idea what's on them. They could be full of malware or include undetectable malicious hardware. Avoid them for anything sensitive.

All banking is dangerous

All banking, online or off, is dangerous. In my opinion, you're actually more likely to be affected by bad behavior you have no control over — such as that in the bank's back room or at some hacked third party — than you are to have your information compromised due to your own failings… as long as you follow the basic security you should already be doing.

Related Links & Comments: Is Online Banking Safe?

Get Backing Up In Windows 10 Today!

How Did I Get Advertising About the Contents of an Email?

A few minutes ago I scanned a page on generators from a Harbor Freight catalog and sent it to my son using Gmail. A few minutes later I got an email from Harbor Freight — in Yahoo, via Thunderbird  — with this subject line: “You Can Rely on These Predator Generators on Sale Now.”

How does this happen? How does Harbor Freight know that I'm thinking about generators? Seems like there's something on my computer monitoring my outgoing emails and alerting sellers to send me an ad on the item.

Or is it my son's computer that's doing it?

Either way, it's creepy and something I'd like to stop.


I understand it feels creepy, but many aspects of what you describe represent the “cost” of free services like Gmail and Yahoo! Mail: advertising.

There's not enough information for me to say exactly what happened, but I'll describe some possibilities. There's also one aspect of it I can't explain at all.

Continue Reading: How Did I Get Advertising About the Contents of an Email?

How Do Websites Store Passwords Securely?

In reading your excellent article, “How Can a Hacker Try All Possible Passwords If Systems Block the Login Attempts?” I still don't understand. Even if a hacker has stolen the user database of logins and hashes, how can they duplicate the method of hash creation used by any particular website? I would think different websites would use different hash creation formulas.

You would think.

That's what makes it so frustrating when these attacks end up being successful.

The problem is that security is often an afterthought. In fact, it's often not thought of in any deep sense until after a successful attack.

The good news is, there's something simple you can do about it.

Continue Reading: How Do Websites Store Passwords Securely?

The Ask Leo! Tip of the Day

A feature exclusively available to Ask Leo! Patrons Bronze level & above.

More Ask Leo!

Tech Enthusiast Hour: I'm one of the regular hosts of the weekly Tech Enthusiast Hour podcast! Join us as we discuss the latest news & tech goings on. More information at!

Become a Patron
Ask Leo! Books
Facebook - YouTube - More..

Leo's Other Projects....

HeroicStories Since 1999, HeroicStories brings diverse, international voices to the world ' reminding us that people are good, that individuals and individual action matter. Stories - new and old - are published twice a week.


Not All News Is Bad - Each day I look for one story in the current news of the day with a positive bent. Just one. And I share it. - My personal blog. Part writing exercise, part ranting platform, it's where I write about anything and everything and nothing at all.

Help Ask Leo! Just forward this message, in its entirety (but without your unsubscribe link below) to your friends. Or, just point them at for their own FREE subscription!

Newsletter contents Copyright © 2018,
Leo A. Notenboom & Puget Sound Software, LLC.
Ask Leo! is a registered trademark ® of Puget Sound Software, LLC

Posted: February 13, 2018 in: 2018
« Previous post:
Next post: »

New Here?

Let me suggest my collection of best and most important articles to get you started.

Of course I strongly recommend you search the site -- there's a ton of information just waiting for you.

Finally, if you just can't find what you're looking for, ask me!

Confident Computing

Confident Computing is the weekly newsletter from Ask Leo!. Each week I give you tools, tips, tricks, answers, and solutions to help you navigate today’s complex world of technology and do so in a way that protects your privacy, your time, and your money, and even help you better connect with the people around you.

The Ask Leo! Guide to Staying Safe on the Internet – FREE Edition

Subscribe for FREE today and claim your copy of The Ask Leo! Guide to Staying Safe on the Internet – FREE Edition. Culled from the articles published on Ask Leo! this FREE downloadable PDF will help you identify the most important steps you can take to keep your computer, and yourself, safe as you navigate today’s digital landscape.

My Privacy Pledge

Leo Who?

I'm Leo Notenboom and I've been playing with computers since I took a required programming class in 1976. I spent over 18 years as a software engineer at Microsoft, and after "retiring" in 2001 I started Ask Leo! in 2003 as a place to help you find answers and become more confident using this amazing technology at our fingertips. More about Leo.