In this age of technology, internet banking is quite a handy way to keep track of your finances. You simply log on through your bank's website, and you can do things like setting up standing orders, transferring money to people or other accounts, recharging your cell phones, and ordering cheque books etc. In a word, all the jobs that you would otherwise do going to a branch of a bank physically, can be done by logging on the website of your bank.

In the developed countries branch banking has already become obsolete. Though late, our banking industry is heading to this direction. Electronic banking also allows you to get financial deals that are just not on offer in the offline world. For convenience sake, you can't beat an online bank!

Among the domestic banks in Bangladesh, the private ones are ahead of their public sector counterparts in respect to going digital. AB Bank, Bank Asia, BRAC Bank, City Bank, Dhaka Bank, Dutch-Bangla Bank, Eastern Bank, First Security Bank, Islami Bank, Mercantile Bank, Mutual Trust Bank, NCC Bank, Prime bank, Premier Bank, Shahjalal Islami Bank, Southeast Bank, Standard Bank and Trust Bank are some of the banks marching towards e-banking. Some of them have full-fledged e-banking services but many are at primary level indeed. However, all are getting huge response from the customers and the remaining ones are expected by computer literate clients to launch internet banking.

The risk lies here as very few internet browsers have enough security awareness for surfing the internet. Earlier this issue of security was not much of a serious matter; the net users used to explore the sites without confronting any threat of loss but now it is all about money. So, security should be of the top-most priority. It is high time to use the internet, considering all the security measures.

However, the popularity of online banking has not gone unnoticed by the criminal gangs. The cyber criminals are also trying their best to fool your banker and you. One of the most common ways that a criminal will attempt to part you with your money is through something known as Phishing. Phishing is pronounced 'fish-ing'. The fisherman is a criminal, the bait is usually an e-mail that attempts to panic you into action, and the fish is you (the client)! Normally the criminal sends out thousands of e-mails using a list he got from a spammer.

The e-mail sent to you pretends to be from a real bank. Most people to whom the criminal sends the e-mails, will not have an account with that bank. But some will. It is those few that the criminal is after. In the e-mail, you may be warned that your banking details need updating, and it is essential that you act now to protect your account. They will usually try to scare you into taking action.

And there is always a link for you to click on. All you need to do is to click on the link and you will be taken to another area where you can enter your details. If you click on any of these links, you'll be taken to a page that does indeed look like your bank's website. In fact, it is not.

One trick the criminal may use is to have an address that looks similar to your bank's. For instance, the real website address of your bank is www.ibbl.com. Now take a closer look at this address, www.ibb1.com. The address has been spoofed. The "l" (letter l-el) is now "1" (numeric 1-one). But some spoofed addresses are quite difficult to spot, and even fool the more experienced surfers. You need to look for other clues in your browser.

One thing that all browsers will have is padlock icon. These are supposed to tell you that the site is using security measures. If you're using Internet Explorer 7, you'll see this to the right of the address bar. Click on the padlock and you'll see information about the security certificate. Click the link that says 'View Certificates'. Click the 'Details and Certification Path' tabs at the top. There should be plenty of details for you to view. Make sure the certificate has not expired.

The Firefox browser has more visual clues than Internet Explorer. Notice the address bar from Firefox. The address bar will turn yellow on a secure site, and the padlock is just to the left of the blue down arrow. Firefox also has another padlock. Look in, at the bottom left. Double click the padlocks and you'll see the security certificate. Notice the name of the website to the left of the padlock carefully.

One more thing is to be noted. The address for a secure site normally starts with https. If the "s" is missing, it's not a secure site! Every intelligent netizen must remember that your bank will never send you an e-mail asking for you to log in details! If you receive such an e-mail, forward it to your bank.

And don't click on the link! The same is true for other secure websites that hold your money - PayPal (coming soon in Bangladesh) never send you e-mails asking you to confirm your details! The latest versions of Firefox and Internet Explorer have anti-Phishing measures built in. You should make sure these are turned on when accessing secure websites. (In Internet Explorer 7, click Tools > Phishing Filter > Check this Website.)

Password may fail you if it is not wisely made and managed. In fact, we have all got lots of passwords! We've got so many that it has become increasingly difficult to keep track of them all. Banking passwords are no different. But the recommendation is to keep changing each one every few months or so!

Because, the whole password process is cumbersome, some people have one password for all of the sites on the internet that ask for them. This is something you should never do! You need a different password for each site. The reason is simple - if a criminal has your password for one website, he has got them for all your sites - he could clean you out!

The problem is, how do you remember them all? One technique for password creation is to take letters and numbers from a favourite song, saying, or something that's special to you. For example, a favourite saying of your own may be "only the uncertainty is certain in this world"! To turn this into a password, take the initial letters of each word. You'd then have this: 'otuicitw'. Let us complicate it a bit, by adding some capital letters: 'OtuicitW' slightly more secure. Let's add a number: '1OtuicitW10'.

Adding non alpha-numeric character helps password security enormously. '1_OtuicitQ_10'. Now, not only is the password longer, but also it has a mix of numbers, lowercase and uppercase letters, and non alpha-numeric character. This makes it more secure and harder for criminals to guess. A password like this is also easier for you to remember. Passwords should never be just four characters long! The reason is that criminals may have password-cracking software. Using such software, short passwords can be cracked in no time at all. Use at least eight characters.

Try not to log in to your bank account using somebody else's computer. Simply because you have no idea what security measures they take, and whether or not the computer is infected. Internet cafes are also not somewhere you should be entering security information.

In an internet cafe, all the data you enter are logged and saved by the owners. In some countries they are forced to do this by the state law. You can never be sure that your data are safe from prying eyes. Also, what if you forget to log out properly? The next person who uses the computer could see all of your details, and have access to your bank account!

The only place you should be entering your bank details are from your own personal computer (PC). Of course, you need to make sure that your own computer is safe from infection, and take sensible security measures when it comes to the e-mails you receive.

For ensuring safe internet banking basic computer literacy with security issues is a must. Any bank, being the custodian of the hard-earned money of the valued clients, should play a significant role in this regard. As an organisation a bank has enough scope to build awareness among its customers.

The banks can arrange internet learning programme for their existing and prospective e-banking clients, highlighting the security issues related to the transactions. Likewise, the customers should not depend only on the bank for safety. They should shoulder some responsibility, too, to learn the proper use of the internet for the sake of their own benefits. The combined efforts by the bankers and customers will be more effective to safeguard the banking transactions.

We need to remember the developed world is suffering a lot due to cyber crime - losing huge amounts of money digitally. So, if we don't look before we leap, we will be exploited digitally and once the security becomes alarming, the clients will be discouraged to go digital. Then the merits of e-banking will start turning into demerits and the growing e-banking movement may face a setback.

Who does not know that prevention is better than cure? Remember anything digital is not that it will be of hundred per cent perfect. The way you are served is changed, so is the way you are robbed. But what's wrong if we try to adopt more and more viable security measures with our intelligence? After all, this is the age of survival of the fittest!

Financial Express/Bangladesh/ 26th Feb 2012