Your Risk of Being Hacked

Your Risk of Being Hacked: a reader asked…

Thank you for the excellent article “I’ve Been Hacked – What Do I Do?” It raised a question for me. I do online banking from my Windows 7 laptop. I don’t let it remember my passwords for banks. I have an older tablet as well as a new Samsung Galaxy Tab A7. I am using an older Android-powered smartphone but am considering upgrading to a Samsung S9. What I’m wondering is, am I keeping my banking information safer by not using the banks’ apps on tablet and smartphone? Or would I be better to download/use their apps?

While I normally help folks work with the equipment they have, your old laptop presents a significant and dire security risk. Windows 7 is way past its sunset date, and hasn’t been receiving security updates for almost a year and a half. Until you get yourself a secure computer, all your online activity is at risk from scammers and hackers. A secure computer is one running Windows 10 or MacOS Big Sur.

When it comes to security on tablets and smartphones, in my opinion Apple’s iOS system is very secure, Android smartphones and tablets much less so and significantly more vulnerable to being compromised. Older Android-powered devices are at even more risk, since they generally don’t get updates after the first year or so. These days, old hardware is more risky from a security standpoint – the hackers constantly work to compromise older systems, banking on the public’s reluctance to always keep up-to-date. By contrast, even iPhones from 2016 are still getting the latest iOS updates. Hopefully, Google and the many hardware manufacturers will get better at keeping even older Android-powered devices up-to-date.

You mentioned a Samsung S9 smartphone – that was released back in 2018 – which is the outer limit of age I’d consider on most Android-powered devices. Instead, I’d consider the S20 or S21, which are more recent. Your Samsung Galaxy Tab A7 (or S7) was released in September 2020, so it should still be secure for another year or so – until you can’t get the latest Android version for it. Currently we are on Android 11, I expect Android 12 within in the next 12 months. Watch for its release and see if you can update your tablet. Samsung may take a few months to get an update pushed out, but any longer and you’re starting to see more and more security vulnerability as hackers exploit the old versions’ weaknesses.

Banking apps (only directly from your financial institution) are as safe as they can be – the banks design them to be fully encrypted. But your account access credentials are certainly at risk from your unsafe computer (and potentially older Android-powered devices), which would negate any security built into the apps themselves. And the banks constantly update those apps – if you don’t keep them up-to-date you are also risking your security. See, security is an ongoing, iterative process. not a “once-and-done”. And, it’s also a matter of you keeping current on cybersecurity issues, threats and vulnerabilities for your particular situation. Unfortunately, most consumers simply don’t bother with all this, which makes them easy targets for hackers and scammers.

My recommendation for consumers is to: budget both time and money for regular hardware and software upgrades to keep all your computer and computing devices up-to-date; spend time on a regular basis learning about security threats to your systems and how to counteract them; and continuously improve your security practices.

On that third recommendation, you should use strong (aka long) and unique passwords for every one of your online accounts, and use 2-factor authentication on all online accounts where that’s available. A good password manager and a good 2-factor authentication app on currently-supported smartphone, tablet and computer will go a long way towards making you a harder target for hackers and scammers.

One last note. Since you’ve been doing online banking on a Windows 7 computer and possibly on older devices, I think that (as soon as you’ve retired them and are only using current hardware) you should go through all your online accounts and change the passwords. Your first priority should be your email account, then your banking and credit card accounts, then your online shopping accounts or anywhere you might have a saved payment method. Once those are all secured, you can tackle all your other online accounts. Why do this? Because it’s quite possible that all your passwords have already been compromised and are in the hands of hackers looking to steal your money and your identity. That’s directly related the ongoing risk of using Windows 7 in 2021.