Network Security Recruitment

Primary Security Requirements:

1. Reject fake online banking. Fake online banking is the most common fraud method. Criminals usually register an address that is very similar to the official website, and then lure customers into the scam through emails or website links. For example: the official website address of the Industrial and Commercial Bank of China is: www.icbc.com.cn, but the criminals registered a website of www.lcbc.com.cn. If you don’t look carefully, you won’t be able to notice the difference! If you look at the website page, it looks like it is the website of Industrial and Commercial Bank of China. But if you enter your card number and password on this fake website, then unfortunately, you will be fooled by a fake online banking. Another criminal sent an email in the name of the customer service department of XX Bank, falsely claiming that the bank's online banking system had been upgraded, asking customers to transfer funds to the XX account, etc., and then giving a link to online banking. Sorry, this is also a fake online banking, and there is a trap waiting for you! All in all, the method to prevent fake online banking is very simple. You can avoid the trap of fake online banking by following the following requirements: Search for the official website of the online banking you use through large search engines such as "Baidu" and "Google" and add these URLs. Favorites, you will only use the address in your favorites when logging into online banking in the future, other addresses will not be trusted or used!

2. Account and password setting and confidentiality. This part is actually a cliché, and many people are already familiar with it, but as a way to popularize online banking safety education, I will write it again.

a) Confidentiality of accounts. We generally have very low confidentiality requirements for accounts. If you have financial transactions with others, you will often encounter situations where others (including acquaintances and strangers) transfer money to you. It is simply impossible to keep the account confidential. Take the author myself as an example. I have published almost all bank card numbers on the Internet. Of course, if you are purely for personal use and have no financial transactions with others, keep your personal bank account private, which provides the first barrier to the security of your funds. Of course, some online banks do not use bank card numbers when logging in, but customer numbers (Agricultural Bank of China) or nicknames (SPD, Bank of Communications). In this case, you should ensure the security of this information.

b) Regarding the setting and confidentiality of passwords. Password is our core security barrier. If your password is leaked and your bank card number is found, even if the security protection system of online banking cannot be broken (for example, the certificate cannot be passed), a bank card can still be cloned. , withdraw your banknotes from the ATM. Therefore, NEVER, NEVER, never reveal your bank password to anyone! When it comes to setting passwords, online banking usually allows you to set a different password for bank card withdrawals. You can set not only numbers but also letters. From a security perspective, we recommend setting your online banking password to the form of "letters + numbers". If you have a strong memory and don't mind using it, you can consider changing your password once a month.

3. Use a secure computer to surf the Internet. The computer used for online banking should be used by a dedicated person and not used by anyone else, such as a desktop computer at home or a personal laptop. The above situations should be avoided as much as possible:

a) Using computers in Internet cafes

b) Using private or public computers in offices

c ) Internet access through an untrusted proxy

4. Exit online banking correctly. Many friends, whether they use email or online banking, are always accustomed to simply closing the browser instead of logging out normally, which is unsafe. We recommend that you log out normally after using online banking!

5. Do not use IE's automatic memory function. IE has the function of automatically recording input content, which brings convenience but also brings security risks. Our advice is: do not use this function and disable it.

6. Operating system security patch updates. The Windows system is a complex system, and vulnerabilities are inevitable, but it is important to update patches in a timely manner when patches are released. It is recommended to open an account with the update function that comes with the Windows system. It will automatically keep your system online and automatically download and install the latest patches, which helps to plug security holes.

7. Use the latest version of online banking. New versions often mean enhanced functionality and improved security, and it is a good habit to use the latest version. For example, CMB Online Banking Professional Edition has versions 3.6, 4.2 and 4.5. The author is using version 4.5.

Intermediate security requirements

1. Use an online banking certificate. Online banking certificates can effectively prevent fake websites and fund operations by unauthorized users. In addition, digitally signed electronic transactions are recognized by law.

2. Backup and storage of online banking certificates. Many online banks use certificates, but some certificates are installed in IE (such as China Construction Bank, Agricultural Bank of China, and Shanghai Pudong Development Bank), and some certificates are installed in online banking clients (such as China Merchants Bank Online Banking Professional Edition). When encountering serious computer problems, it is common to reinstall the system. If you do not back up these certificates in advance, you will have to go to the bank counter to apply for a certificate again, which is very troublesome. Therefore, it is very necessary to keep a backup copy of your online banking certificate.

a) If the certificate is installed in IE, such as certificates from China Construction Bank, Agricultural Bank of China, and Pudong Development Bank. Open IE, "Tools>Internet Options>Content>Certificate". You may find many certificates here. Find the corresponding online banking certificate, select it, and then click Export. Since there are many certificates, you may not know which are the online banking certificates. It is recommended that you write down the relevant information when installing the online banking certificate, which will help you find the online banking certificate. When exporting, save these online banking certificates by category. Some certificates will require you to set a password when exporting to ensure that your certificate will not be stolen by others. Please remember the password you set, otherwise your work will be zero! In addition, these certificates may have a file name that is not easy to remember when exported. You may wish to change it to be clearer. For example, change the name of China Construction Bank's online banking certificate to "CCB Online Banking Certificate" so that even if you see this again six months later, You won’t know what it is when you file it.

b) If the certificate is installed in the online banking client, take China Merchants Bank as an example. After logging into the professional version of China Merchants Bank Online Banking, go to "Certificate > Certificate Backup" and follow the prompts. Unlike other online banks, the certificate exported by China Merchants Bank not only requires setting a password, but also requires setting security questions, such as "What is my brother's name?" Be sure to clarify it, otherwise you may encounter trouble when restoring in the future!

c) After backing up these online banking certificates, be sure to keep them properly. It is recommended not to save it on your local hard drive because hackers may scan every file on your hard drive. It is a good idea to save it on a special USB flash drive or carve a special disk for storage. Of course, these things should also be kept properly and not allowed to be easily obtained by others.

3. Prevention of viruses and Trojans. Viruses and Trojans both pose threats to the use of online banking, especially Trojan programs! Many of today's Trojans are spread in the form of viruses, so we need to strictly guard against them. Specifically, install anti-virus software and firewall, and frequently check the task manager and registry to see if anything abnormal is happening. The task manager mainly checks whether the CPU usage is normal. If the CPU is 100% occupied for a long time, it is likely to be infected by a Trojan. The characteristic of the Trojan that comprehensively scans and records system operations and resources is that the CPU usage is too high. Find the process that takes up the most CPU and observe what it is to determine whether it is suspicious. The registry mainly checks whether any suspicious programs are called in "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run". Of course, you can also directly "Start>Run", type "msconfig", and then click the "Startup" page to view this part separately.

Advanced security requirements

1. Use the soft keyboard to enter your password. There are some Trojan horse programs that can record keyboard operations. If you enter a password directly with the keyboard, it may be stolen. However, if you use a soft keyboard, that is, click and enter with the mouse, the password cannot be scanned. This prevents password theft.

2. Use a USB-Key disk or use a dynamic password.

For example, the USB-Key disk of ICBC online banking must be inserted into the USB-Key disk when transferring funds, otherwise it cannot be operated, which greatly increases security. Some online banks also use dynamic passwords. Every time you log in to online banking, the bank will send a dynamic password to the user's mobile phone, and you must enter the dynamic password to log in. Since the password sent by the bank changes every time the user logs in, the security of online banking has also been greatly improved.

3. Set limits. Setting limits on certain transaction amounts can effectively control risks. For example, setting the upper limit of funds for a single transfer to 2,000 yuan, setting the daily transaction limit to 5,000 yuan, etc. can effectively control risks.

4. The world has shifted greatly. That is to transfer the funds in the bank account to reduce the balance of the bank account. In this case, even if the online banking is stolen, the loss will not be too great due to limited funds. For example, China Merchants Bank's all-in-one card is a bank fund account, but China Merchants Bank's Yinjitong has a special margin account. The funds in the all-in-one card are transferred to the margin account, and then the funds in the margin account are purchased into currency funds, which greatly increases the cost. Fund utilization efficiency and security. Since the Yinjitong margin account password is different from the bank card password, they are two different accounts and platforms. The possibility of a cyber hacker breaking into two accounts at the same time, selling the user's funds, transferring the funds to a bank account, and then stealing the funds is almost zero!

5． Use other functions. Some special additional functions can also improve the security of online banking, such as Pudong Development's instant messaging. Shanghai Pudong Development Bank allows users to set a minimum limit. When the change amount in the account exceeds the minimum limit, the user's mobile phone will receive a short message with details of the account fund changes, so that the user can keep track of the account's fund status at any time.

In addition: Note that some habits can also lead to unnecessary risks

Online banking experts say that although online banking is not yet absolutely foolproof, there is no need to talk about "online" color. As long as you take basic precautions, online banking is still very safe O(∩_∩)O~. Experts recommend that online banking users develop the following good habits.

Using soft keyboard In many online banking theft cases, stealing personal online banking information through Trojan horse programs is a common trick used by criminals. In response to the characteristics of this crime, experts suggest that when depositors use computers to access the Internet and use online banking, some online banking login interfaces will provide a soft keyboard method for entering passwords. Depositors may wish to use this soft keyboard method to enter passwords, because this will maximize the chance of preventing the password from being used. Some Trojan software steals.

It took me a long time to write, so I added excerpts to my explanation. Bonus points for satisfaction!

Tired! ! ! !