Public Wi-Fi just one way financial data is vulnerable
A case of suspicious activity on a credit-card account leaves a laptop user wondering how his card number got out.
Special to The Seattle Times
Q: Recently my bank flagged suspicious activity on a major credit card. I confirmed the activity was not authorized. The bank canceled that card and issued another to me. I have been trying to figure out how my card could have been compromised.
Several weeks before this incident I used the Wi-Fi at a Starbucks and made a purchase through Travelocity, which I have used in the past, including over unsecured Wi-Fi, without problems. I suppose it is possible someone could have intercepted the signal at that location, but that seems unlikely in a small town outside Seattle.
Could my laptop have been infected with a malware program that collected the card information, then sent it out via a concealed email? I have Norton 360 security installed on my Toshiba Satellite L305 running Windows Vista Home Premium, and I presume the Norton program checks and updates automatically. I have not received any notifications or warnings from Norton. Any thoughts?
— Jim Holt
A: My first thought is that old line, “Just because you’re paranoid doesn’t mean someone isn’t following you.” Any data you send over the Internet, or over a cellphone or even a landline, is susceptible to being compromised.
Rule No. 1: Don’t do anything financial over an unsecure wireless connection, and that means most publicly accessible Wi-Fi.
If Travelocity already had your account number and you didn’t have to type it in, the culprit was probably not someone intercepting your Wi-Fi transmission. Still, we hear almost weekly of some major company’s accounts being hacked, so there’s that to wonder about, too.
And yes, there are many kinds of malware that could be lifting your credit-card number. You’re wise to be running anti-virus software. But keep in mind that anti-virus programs cover only part of the universe of malware. So I’d suggest also running an anti-malware program. You can download a free version of Malwarebytes Anti-Malware at www.malwarebytes.org.
Also, make sure you’ve got a software firewall installed on each computer you’re using. Norton 360 includes a firewall, as does Windows itself. Just make sure one or the other is running.
But let’s not forget the old-fashioned threats, too. Any waiter or cashier who handles your credit card could be getting that information. Are we paranoid enough, yet? Probably not. But that’s why the best protection for now — apart from the common-sense measure above — is the banks’ systems for detecting suspicious activity.
Q: We recently had Internet trouble, and after some testing, Frontier came out and replaced the router. The desktop we have hard-wired to the router is working fine, but the laptop, which connects wirelessly, can’t connect. It “sees” the Frontier wireless network but is unable to connect.
— D. Booth, Bellevue.
A: Delete the connection to your wireless router on the laptop, and then create a new wireless connection using the Network and Sharing Center, which you can find in the Control Panel.
What’s going on is that when Frontier replaced your router, the connection settings you had set up in the router were no longer there. Generally, routers have default settings that allow you to connect, so you’ll need to find out what Frontier’s default settings are.
You’ll also want to change the default settings, so you’ll need to find out from Frontier how to log into the router. At the very least, you’re going to want to select a type of security to use and a password to connect. And you should also configure the router not to broadcast its station identifier. That way, users will have to know the name you’ve given the wireless connection.
Questions for Patrick Marshall may be sent by email to firstname.lastname@example.org or email@example.com, or by mail at Q&A/Technology, The Seattle Times, P.O. Box 70, Seattle, WA 98111. More columns at www.seattletimes.com/