80% of mobile banking applications have vulnerabilities

If you are a freelancer or an independent developer, designer, content manager, or you start a two-person startup, you may not even consider yourself a small business.

But customer data on your laptop and client bank on the iPhone make you a perfectly visible target for hackers - and lawyers.

For Neal O'Farrell, the executive director of the Identity Theft Council, a non-profit organization, it’s as foolish as possible to shut out security issues by explaining that you are too small.
O'Farrell gave a talk “Hackers are coming - why Small Business is a Big Target or You Have Something to Lose” at the Small Business Week conference in San Francisco.
')
His purpose? Scare to death all conference participants.

Neil O'Farrell writes on nealofarrell.com: "In the United States last year there were more data leaks than residents, more cases of identity theft than all other crimes combined."

If you do not encrypt all devices, then it seems you are asking for trouble.

“You need to wake up and protect yourself, even if you use a Mac,” he says. Hackers attack with automatic bots and the simplicity with which you synchronize contact information between a laptop and a smartphone and manage a bank account with it makes all data vulnerable.

“I don’t use banking applications on my phone,” explains O'Farrell, who worked on the first security system for the Irish ATM network. “Eight out of ten mobile banking applications have vulnerabilities, but Apple and banks do not want you to know this. I will wait another 20 years before entering this pond. ”

The prevailing idea that Apple devices are less vulnerable to hacking is no longer relevant, largely due to the growing popularity of the iPhone and iPad. “Hackers are following the crowd. We see a 400% increase in attacks on Android . This does not mean that the system is more vulnerable, they just focus on the mass user. "

Neal, an Irishman by birth, became a security expert 30 years ago and he advised companies such as Toyota, Merrill Lynch, Cost Plus World Market and the Bulgarian government.
O'Farrell cites the hundreds of hacking cases his organization faces every month. A small company gradually lost half a million dollars after two of its employees clicked on a fake UPS letter that launched a banking trojan, and the restaurant lost 200,000 on card skimmers.

Police investigate less than 1% of such crimes. “These are almost unexplored crimes,” the expert notes. “If you live in San Francisco, and your bank or personal data was stolen and used in another district, the cops will not investigate it. Too much paperwork. ”
And here's the thing: you may not have an office, staff, or anything that your grandmother connects with a business in order to earn a hell of an expensive headache.

Imagine that your laptop was stolen, just from it all the data was merged during the repair or because you did not clear the disk before selling it. “My biggest fear is not hackers, but lawyers,” he writes. “Suppose you had a thousand customers for all the time. When you sell or lose a computer or something else happens, you are subject to federal and local laws on the disclosure of personal data. ” And the average cost of losses, depending on the information, is $ 200 per record. You can calculate your own expenses.

There is a light side to this: there are several fairly inexpensive scenarios and solutions that can fix this, O'Farrell says.

If we summarize them, we get:

• Take a cheap laptop exclusively for working with an online bank - without mail, internet, etc.
• Use a credit card instead of a debit card for all transactions, except for withdrawing money from an ATM - “it’s better to lose the bank’s money than yours”.
• Delete, clean, encrypt.
• Recheck mail - if something seems suspicious, it is better to ask again.
• Teach everyone you communicate electronically, that caution should be preferred to curiosity when it comes to electronic communications.