rockyysdt Posted May 25, 2015 Share Posted May 25, 2015 (edited) I avoid it completely wherever possible, but I can foresee the need to use internet banking whilst on the move. How safe is internet banking via an ethernet cable (preferring this to wifi) when staying at hotels in Thailand? I use a Netbook which is loaded with Microsoft Internet Essentials virus/spyware security. Many thanks. R Edited May 25, 2015 by rockyysdt Link to comment Share on other sites More sharing options...
rockyysdt Posted May 25, 2015 Author Share Posted May 25, 2015 It's generally save as long as your Internet bank provider offers encryption. They all should do so. But if you are in doubt, buy a prepaid mobile internet card with an modem, or use it with your phone. That way you can do your banking over the mobile network, instead of using the hotel's infrastructure. Thanks for your tip. I often think mobiles offer the least protection. The problems coming from the sites you may "go to/have been to", rather than from the Internet service you may be using. Link to comment Share on other sites More sharing options...
ubonjoe Posted May 25, 2015 Share Posted May 25, 2015 I have done it on a hotel Wi Fi. There was no choice because they did not have anything else. I feel the internet banking I have has so much protection that it is safe. To change anything requires a OTP to my phone and I get an email for every log in and an SMS for any transfers. Link to comment Share on other sites More sharing options...
rockyysdt Posted May 25, 2015 Author Share Posted May 25, 2015 I have done it on a hotel Wi Fi. There was no choice because they did not have anything else. I feel the internet banking I have has so much protection that it is safe. To change anything requires a OTP to my phone and I get an email for every log in and an SMS for any transfers. Mine is similar, but have switched to e-mail alerts at this stage as I don't have international roaming for my usual mobile number. Link to comment Share on other sites More sharing options...
lj cm Posted May 25, 2015 Share Posted May 25, 2015 If you have a smartphone (android); then turn 'Mobile data' and 'WiFi hotspot' on. Then you can connect from your Netbook to your phone; same as you would do at home to your Router. Link to comment Share on other sites More sharing options...
KhunBENQ Posted May 25, 2015 Share Posted May 25, 2015 (edited) If you use your own netbook and take care that it is free from trojans/keyloggers etc. then there is no special concern to use a hotel WiFi or LAN cable. Its not safer or unsafer than from any other place. There are banking site that are more safe (state of the art) and other quite lax (outdated/suspicous encryption). The secured connection will not be cracked by some hotel staff or the like. For that it would need the fuill attention of a well known three letter organization (what is possible is still a well hidden secret, even Snowden can't tell you) Keep that apart from the fact, that unsecured connections over public internet access points (be it WiFi or LAN cable) CAN be logged/read. At the router of the hotel ANY unsecured (non encrypted) traffic can be logged/read. To learn about the security rating of your online bank: https://www.ssllabs.com/ssltest/ Enter the URL (domain name only) that you would use. (example "hsbc.co.uk" -> poor, grade C) Edited May 25, 2015 by KhunBENQ Link to comment Share on other sites More sharing options...
bendejo Posted May 25, 2015 Share Posted May 25, 2015 Security on your handheld device is not as strong as a desktop computer that has been well set up. But I do suggest that the security software (firewall, anti-virus, anti-malware) include products made by companies other than MS. Also, not using the IE browser is a good idea, IMO. Link to comment Share on other sites More sharing options...
technologybytes Posted May 26, 2015 Share Posted May 26, 2015 (edited) I agree that using a mobile hotspot via 3g data is much more secure, it's likely that if you use a smartphone then there is a app for your bank which should be even more secure. Anybody can stay in the hotel and broadcast an insecure wifi access point with the same name as your hotel and capture data.. but I have never heard of that with 3g. If your bank uses a security device (the dongle which gives you a secure code) then you are much safer. Be especially careful with Thai banks because they won't refund you if you are a victim of fraud. Edited May 26, 2015 by technologybytes Link to comment Share on other sites More sharing options...
asdecas Posted May 26, 2015 Share Posted May 26, 2015 You'll find in any case that fewer and fewer hotels offer cable connexions any more, they almost all rely on wifi these days. Link to comment Share on other sites More sharing options...
recycler Posted May 26, 2015 Share Posted May 26, 2015 It is very dangerous to use WiFi in hotels, almost all are managed by people who don't know what they do and many are hacked with software that will hack your session and get access to your accounts. Never ever use any password protected service over hotel WiFi, not email, not facebook and certainly not internet banking!!! If you can use a mobile provider via 3G or EDGE that is safer. The safest way is to setup a VPN connection to a server you trust or use a TOR browser to get you safely out of the hotel WiFi. Link to comment Share on other sites More sharing options...
Minnehaha Posted May 26, 2015 Share Posted May 26, 2015 I agree that using a mobile hotspot via 3g data is much more secure, it's likely that if you use a smartphone then there is a app for your bank which should be even more secure. Anybody can stay in the hotel and broadcast an insecure wifi access point with the same name as your hotel and capture data.. but I have never heard of that with 3g. If your bank uses a security device (the dongle which gives you a secure code) then you are much safer. Be especially careful with Thai banks because they won't refund you if you are a victim of fraud. Yes, that's an important point, thank you. In many (most) western countries, if your credit card is stolen or used without authorization ( same thing) and you report it ASAP, Visa Mastercard and other big ones will hold you accountable for first $50, only. If your Visa card (Debit or Credit) is issued by a Thai bank it is a completely different game. I know people who have one of those credit/debit cards that can do both. The guy was in the States and the card was hijacked (prob scanned) and used to the tune of $8,000. Bank said it was his problem. He fought it and eventually won, but it was only through personal connections. I would not use a credit card that is linked to cash account. And I use all the safeguards available, as others have pointed out, including OTP, etc. However, when abroad, it is not convenient to do that and there is no authorization system for credit cards. Bottom line: Credit card consumers have no recourse here. Debit cards also (obviously) have no recourse. It is up to you to prove the case with your bank and hope you have a good one and they are feeling generous. Link to comment Share on other sites More sharing options...
rockyysdt Posted May 26, 2015 Author Share Posted May 26, 2015 If you use your own netbook and take care that it is free from trojans/keyloggers etc. then there is no special concern to use a hotel WiFi or LAN cable. Its not safer or unsafer than from any other place. There are banking site that are more safe (state of the art) and other quite lax (outdated/suspicous encryption). The secured connection will not be cracked by some hotel staff or the like. For that it would need the fuill attention of a well known three letter organization (what is possible is still a well hidden secret, even Snowden can't tell you) Keep that apart from the fact, that unsecured connections over public internet access points (be it WiFi or LAN cable) CAN be logged/read. At the router of the hotel ANY unsecured (non encrypted) traffic can be logged/read. To learn about the security rating of your online bank: https://www.ssllabs.com/ssltest/ Enter the URL (domain name only) that you would use. (example "hsbc.co.uk" -> poor, grade C) The test revealed that my bank is graded A- due to "The server does not support Forward Secrecy with the reference browsers.". A test done on Bangkok Bank (bangkok.com) revealed : "We were able to retrieve a certificate for this site, but the domain names listed in it do not match the domain name you requested us to inspect. It's possible that: The web site does not use SSL, but shares an IP address with some other site that does. The web site no longer exists, yet the domain name still points to the old IP address, where some other site is now hosted. The web site uses a content delivery network (CDN) that does not support SSL. The domain name is an alias for a web site whose main name is different, but the alias was not included in the certificate by mistake." Link to comment Share on other sites More sharing options...
rockyysdt Posted May 26, 2015 Author Share Posted May 26, 2015 It is very dangerous to use WiFi in hotels, almost all are managed by people who don't know what they do and many are hacked with software that will hack your session and get access to your accounts. Never ever use any password protected service over hotel WiFi, not email, not facebook and certainly not internet banking!!! If you can use a mobile provider via 3G or EDGE that is safer. The safest way is to setup a VPN connection to a server you trust or use a TOR browser to get you safely out of the hotel WiFi. It seems nothing is secure. I understood TOR browser users would come under special attention by authorities as it would attract criminals and those with something to hide. How would I set up a VPN? Carry large sums of cash/gold, credit cards, atm cards, foreign bank accounts, take your pick, either way you can be screwed. Link to comment Share on other sites More sharing options...
rockyysdt Posted May 26, 2015 Author Share Posted May 26, 2015 If you use your own netbook and take care that it is free from trojans/keyloggers etc. then there is no special concern to use a hotel WiFi or LAN cable. Its not safer or unsafer than from any other place. There are banking site that are more safe (state of the art) and other quite lax (outdated/suspicous encryption). The secured connection will not be cracked by some hotel staff or the like. For that it would need the fuill attention of a well known three letter organization (what is possible is still a well hidden secret, even Snowden can't tell you) Keep that apart from the fact, that unsecured connections over public internet access points (be it WiFi or LAN cable) CAN be logged/read. At the router of the hotel ANY unsecured (non encrypted) traffic can be logged/read. To learn about the security rating of your online bank: https://www.ssllabs.com/ssltest/ Enter the URL (domain name only) that you would use. (example "hsbc.co.uk" -> poor, grade C) Hello Khun B. Thank you for your informative reply. As it is contradictory, how would you respond to "recyclers" post? Quote: " It is very dangerous to use WiFi in hotels, almost all are managed by people who don't know what they do and many are hacked with software that will hack your session and get access to your accounts. Never ever use any password protected service over hotel WiFi, not email, not facebook and certainly not internet banking!!!" Link to comment Share on other sites More sharing options...
KhunBENQ Posted May 26, 2015 Share Posted May 26, 2015 (edited) Clearly contradictionary. You would have to go in technical detail to find out whether a hotel hotspot could hack into your banking connection. Would be a "man in the middle" attack. A good secured connection should not be exposed to such threat. And this one: are hacked with software that will hack your session and get access to your accounts Is purely a bad dream. Proof or example how this should work on your PC/device. Again a different story: using public devices/PCs at internet cafes or the like. That IS dangerous. Risk of trojans/keyloggers. Bangkok Bank Indeed. Just did a recheck and I am surprised how bad it is."C" rating. Could bet it had been better in the past? (maybe due to new threats found and not fixed) Siam Commercial (SCB): also "C" rating! Kasikorn also "C". Edited May 26, 2015 by KhunBENQ Link to comment Share on other sites More sharing options...
KhunBENQ Posted May 26, 2015 Share Posted May 26, 2015 I also checked two banks in Germany that obviously been downgraded. There must have been significant new threats being detected over the last year. But just remind: this is not something specific for public WiFi / internet. Link to comment Share on other sites More sharing options...
hawker9000 Posted May 26, 2015 Share Posted May 26, 2015 Two suggestions: KNOW your bank's policies regarding your liability for fraudulent activity on your account AND phone numbers for reporting incidents. Many banks offer a menu of alerts which can be implemented for informing you of unusual activity and tripping of limit triggers via email and SMS text. Avail yourself of these things; turn them on and set appropriate limits (don't just blindly accept the defaults). Additionally, many banks will let you set a "special" password or codeword, which is never used to logon or make an ATM or cc transaction, but must be used anytime you want to make any changes to your account by phone. This helps prevent "account hijacking", unauthorized add'l cards, etc. Link to comment Share on other sites More sharing options...
nithisa78 Posted May 26, 2015 Share Posted May 26, 2015 You Can't Cheat an Honest ManWC Fields Link to comment Share on other sites More sharing options...
hawker9000 Posted May 26, 2015 Share Posted May 26, 2015 You Can't Cheat an Honest Man WC Fields Some quaint truth to that ... ... about a hundred years ago. Link to comment Share on other sites More sharing options...
Thakkar Posted May 26, 2015 Share Posted May 26, 2015 One problem with hotel WiFi's is that hackers often set up their own WiFi networks near hotels that have similar names to the hotel's network. Make sure you don't connect to the wrong network or they will log your keystrokes. T Link to comment Share on other sites More sharing options...
phazey Posted May 26, 2015 Share Posted May 26, 2015 As long as; The site is encrypted with SSL/HTTPS and the certificate is valid (not self signed) Your laptop/netbook is clean No one is watching you enter your credentials Your account is protected with 2FA like a pin dongle You'll be fine. Link to comment Share on other sites More sharing options...
KhunBENQ Posted May 27, 2015 Share Posted May 27, 2015 One problem with hotel WiFi's is that hackers often set up their own WiFi networks near hotels that have similar names to the hotel's network. Make sure you don't connect to the wrong network or they will log your keystrokes. T No. Repetition does not make it better! Again: if the connection is encrypted, no Somchai hobby spy can read anything. Keystroke logging takes place on the device (PC, laptop or whatever). If its your device, its "up to you" to keep it clean. But on public terminals/internet cafes/other peoples devices etc.: be careful, dangerous! Never enter sensitive data on a device that a "friendly person" borrows you. Link to comment Share on other sites More sharing options...
astral Posted May 29, 2015 Share Posted May 29, 2015 How security conscious is your bank? Do they ask for all the password? If so they are not security aware I have a 4 digit PIN and a 13 character password with my UK bank I am only ever asked for 3 of the PIN digits, in a random order and 4 characters from the password The next time the combination is different, so a keylogger would have to watch for a long time to get the necessary data to hack my account Link to comment Share on other sites More sharing options...
siam2007 Posted May 30, 2015 Share Posted May 30, 2015 I use STEGANOS VPN on both my laptop and my mobile devices. 500 MB data traffic per month is free and is more than enough to do some transaction that require enhanced security. even in the basic version, you can choose an IP from many countries they have in their list. google for it Link to comment Share on other sites More sharing options...
rockyysdt Posted May 31, 2015 Author Share Posted May 31, 2015 I use STEGANOS VPN on both my laptop and my mobile devices. 500 MB data traffic per month is free and is more than enough to do some transaction that require enhanced security. even in the basic version, you can choose an IP from many countries they have in their list. google for it How does one protect themselves from steganos themselves? Link to comment Share on other sites More sharing options...
hawker9000 Posted May 31, 2015 Share Posted May 31, 2015 (edited) One problem with hotel WiFi's is that hackers often set up their own WiFi networks near hotels that have similar names to the hotel's network. Make sure you don't connect to the wrong network or they will log your keystrokes. T No. Repetition does not make it better! Again: if the connection is encrypted, no Somchai hobby spy can read anything. Keystroke logging takes place on the device (PC, laptop or whatever). If its your device, its "up to you" to keep it clean. But on public terminals/internet cafes/other peoples devices etc.: be careful, dangerous! Never enter sensitive data on a device that a "friendly person" borrows you. I agree that internet cafes, hotel-provided PCs, and other shared PCs should be avoided for personal banking and where the entry of sensitive info & credentials are involved. However, some may find this unavoidable on occasion. If so, then you should be checking up on your accounts afterward on a regular basis, preferably from a secure device, to make sure they haven't been compromised. If you have no such secure device, then perhaps by phone for account balances & recent transactions. If THAT's not possible, then be sure and check on things FIRST THING after you get back home!Frequent travelers really should have a well-maintained, adequately secured, personal wifi-capable device with VPN services configured on it. That you have a secure connection to your hotel's access point doesn't mean you're still not vulnerable to a man-in-the-middle attack on the hotel's network (tho' I'd consider that risk relatively low in most cases). A VPN secures your connections all the way from your own device (assuming it's clean) to the VPN server you're using. The problem in a thai hotel is that the available internet bandwidth (not to be confused with wifi signal strength or "bars") may not be sufficient for a workable VPN connection.. This is where being able to "tether" from your cellphone or use of "mifi" device with thai simcard & dataplan come in. Edited May 31, 2015 by hawker9000 Link to comment Share on other sites More sharing options...
gk10002000 Posted June 1, 2015 Share Posted June 1, 2015 I have done it forever here in the USA over the years and in Thailand I routinely use the local internet shops to access my accounts when necessary. I don't bring my own laptop. I assume my bank has the appropriate security. I never had a problem and over the years have connected with my USA banks, credit card companies, some state websites, etc. However, my workplace says to ALWAYS use a VPN when using any wifi anywhere outside of work for anything and prohibit us from using wifi as is. They give us such a thing for out laptops but I have never set it up or used it. You might want to look at getting a VPN. Link to comment Share on other sites More sharing options...
hawker9000 Posted June 1, 2015 Share Posted June 1, 2015 One problem with hotel WiFi's is that hackers often set up their own WiFi networks near hotels that have similar names to the hotel's network. Make sure you don't connect to the wrong network or they will log your keystrokes. T No. Repetition does not make it better! Again: if the connection is encrypted, no Somchai hobby spy can read anything. Keystroke logging takes place on the device (PC, laptop or whatever). If its your device, its "up to you" to keep it clean. But on public terminals/internet cafes/other peoples devices etc.: be careful, dangerous! Never enter sensitive data on a device that a "friendly person" borrows you. I agree that internet cafes, hotel-provided PCs, and other shared PCs should be avoided for personal banking and where the entry of sensitive info & credentials are involved. However, some may find this unavoidable on occasion. If so, then you should be checking up on your accounts afterward on a regular basis, preferably from a secure device, to make sure they haven't been compromised. If you have no such secure device, then perhaps by phone for account balances & recent transactions. If THAT's not possible, then be sure and check on things FIRST THING after you get back home!Frequent travelers really should have a well-maintained, adequately secured, personal wifi-capable device with VPN services configured on it. That you have a secure connection to your hotel's access point doesn't mean you're still not vulnerable to a man-in-the-middle attack on the hotel's network (tho' I'd consider that risk relatively low in most cases). A VPN secures your connections all the way from your own device (assuming it's clean) to the VPN server you're using. The problem in a thai hotel is that the available internet bandwidth (not to be confused with wifi signal strength or "bars") may not be sufficient for a workable VPN connection.. This is where being able to "tether" from your cellphone or use of "mifi" device with thai simcard & dataplan come in. Oh, and one other suggestion for after you get home if you've been using shared PCs overseas: Change your passwords! Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now