You urgently need to do a transaction and your bank is miles away. Knowing banking sites are generally secure, you sit down at a computer in an Internet cafe and assume it has all the bells and whistles of security -- virus protection, anti-spyware software or a firewall. Despite the convenience, such a facility can present you with severe banking risks. Scammers and hackers may capture your online banking information through software or hardware installed on such computers.
Being public spaces, Internet cafes have the added risk someone could be shoulder-surfing -- watching over your shoulder, monitoring your activity. If the person is well motivated, such as an identity thief, he will watch your keyboard and websites you visit as you enter your login and password or fill forms, particularly on banking sites. It may appear trivial, but an impersonator can use key pieces of your identity to contact your bank to adjust or reset your login details, access your bank accounts, obtain loans in your name or make purchases.
Your keystrokes may be captured by keystroke logging software installed by either the staff or users at the Internet cafe. Anytime you log into your bank account, work account or social sites, your username and password are captured and saved into a text file later accessed by the installer. Even when Internet cafes do not allow users to install software on the computers, someone can use a hardware keylogger plugged into the USB port. For your protection, use the onscreen keyboard when entering your banking password.
Often called packet capture, network sniffing software can be installed on the computer you are using, capturing all the network traffic coming to and from the computer. A variation of this is the man-in-the-middle attack, where Internet traffic from a computer is redirected through the hacker's machine, enabling the hacker to acquire data.
You may have taken great care to minimize the security risk of performing your online banking at an Internet cafe, but forgetting to log out exposes you to potential risks. Although most bank websites will log you out automatically after a period of inactivity, another user might step right in after you and access your account.
- Ryan McVay/Photodisc/Getty Images