Trusteer?

Dunno from the "techie" aspect, Dave, but from a "general interest" POV - I have had it for years from my bank and have not had any problems.

OG

I know that NatWest (with whom I do not bank) seeks to encourage its online clients to use it but, having had a look at it, I cannot see what security measures it can offer that are not already offered by other means including banks' other security measures. Whilst the matter of whether Trusteer might widen the scope of cyber attacks is something on which I would not even speculate, I'd still be wary of using something that doesn't do a necessary job any better than facilities that one might already be using, some of which are courtesy of their bank. My bank doesn't advocate it - but then it's also discouraged me from making contactless card transactions as a consequence of its experience of their being more susceptible to problems.

I use it from HSBC.

To quote the R4 1 o'clock news just now: banks use better cyber security than a lot of states.

Thats a good enough argument for me

I've been using it for some years, or at least the program has been installed on my computer. I don't know how much it protects me, if at all. If nothing else the bank can't blame me for not having installed their recommended software if I ever have a dispute with them.

That statement from R4 is typical of their poorly researched off-the-cuff comments. Which 'state' ? A banana Republic? Quite possibly. As I type this Tesco's hack of their bank systems is in the papers. The fact is that while in the US any hacks of a financial institution have to be reported and so it is a matter of record just how bad some of their systems are, in the UK the is not the case and so the scale of hacking and fraud on UK banks is not definitively known. Which recently produced a report that, while missing out and skipping over some key aspects, found that security in many UK banks and financial institutions was poor.

I complained to Fidelity when they took over my old companies pension business. To log in to my account, I needed a username and password which they sent to me. OK - they followed best practice in that they sent the two items of information in separate envelopes. However, rather than have some obscure username, what did they use ? My actual name. So anyone picking up the second envelope with the password would have unfettered access to my pension account. Fidelity thought that there was no issue. I closed my account and moved it.

As far as Trusteer Rapport goes, a simple Google will show that there are enough people out there having problems with it that I wouldn't give it Mac-room.

Oops I down loaded it yesterday when prompted online. Is anywhere safe, digitally speaking?

I'm not surprised that you gave Fidelity the chop after such a ridiculous incident! Did it not enable you to register online and choose your own username and password rather than sending you each of these through ordinary mail? I thought that most companies did these these days, especially since online means online (if you'll pardon the adaptation of that silly expression that had some currency in the wake of 23 June). Even if my bank offered Trusteer Rapport, I'd not give it PC-room either.

The only security issues that I've had with my bank in many years are outside the responsibility and control of the bank and these are when I receive calls purporting to be from my bank but which are not so. I had several of these a few months ago but they seem now to have stopped. My bank never calls me unless returning a call to discuss something that's already been started and, when it does, it insists on going through security questions with me before engaging in conversation. When I received one of the rogue calls I asked why the caller had not taken me through security at the outset; that put a stop to that. On another occasion, however, the caller did ask to do this but was presumably unprepared for the wide range of questions arranged between my bank and me because he asked one that wasn't on the list. On each such occasion, I was suspicious from the get-go and called my bank to report the calls and received the expected confirmation that no one there had called me. They do have a security programme for this but I decided against enrolling for it because I figured that the easist and most dependable way to get around this would be to answer "I'm sorry, I'm very busy right now; let me have your name and I'll call back in 10 minutes or so". It worked on three further occasions, since when that scam seems to have gone elsewhere.

I do use Verified by VISA, though and have experienced no issues with that.

This is now an old link, but does highlight some issues- https://krebsonsecurity.com/2010/04/...from-trusteer/

If little has changed for the better since the date of that link, it sure bodes ill for Trusteer...

Yes, any computer not connected to the internet, it's USB and other ports locked down, (if a PC then access to the C: prompt disabled), any CD drives etc disabled....the list goes on and on. But then from a user's perspective not very useful!

Best advice is:

1) Keep your wits about you
2) Use and keep updated anti-virus software on whatever machine you are using
3) Unless you are sufficiently technically savvy to install a double-router set-up then avoid anything connected to your router that comes under the heading of 'Internet of Things' - webcams, YouView recorders, smart TV etc.
4) Don't open emails from people you don't know
5) Don't fall for the telephone call claiming to be from Microsoft Technical and telling you that you have a bug on your computer
6) Again, keep your wits about you.

There are more suggestions but I'll leave that to others.

Wise advice.

I would add to 4) and don't open emails from people that you dod know if they look suspicious (especially if they have attachments which shouldn't be opened) and have come from unfamiliar and suspicious looking email addresses rather than those that you already know.

I would also add to 5) and don't fall from the telephone call claiming to be from your bank, whether or not it's genuine; tell the caller that you're on another call right now and will call back in ten minutes or so -and then call the bank to see if anyone from the bank really did call you.

and your professional background to give such advice is?
twitter etc seems full of generally junk or misleading comments

Using a different phone (i.e. one using a different telephone number).

Yes because they can stay on the line keeping it open, and when you next pick up the phone they play a dialling tone etc, so they are able to continue the hoax.

I confess: in a dozy state I nearly got taken in by an internet hoax the other day. My antivirus software popped up and asked me what did I think I was doing!