I think that the riskiest financial transaction most of us make, is to stuff some cash in a wallet and go to the pub. I check my accounts, bank and credit cards, almost every day. I once spotted a strange transaction on a CC and had to get a new card, and my loss was promptly credited back.
Life is full of risks - we need to make rational decisions about which are the lesser and which are worth taking. I painted a yellow line outside my house to keep the tigers away. It has worked perfectly for 30 years.
YMMV, but I would not recommend using a computer “straight out of the box” for anything. Without installing security updates or updating virus protection, you are not using the internet safely.
There’s a lot of paranoia here. Don’t your banks use dual factor authentication? My bank:
doesn’t accept keystrokes for password input, using an on-screen keypad to thwart keyloggers. Not foolproof, but if we’re talking about keyloggers specifically as a threat, they are not a problem.
sends my phone a text with a verification code every time I try to transfer money out of my account. I have to enter the code into internet banking to complete the transaction or the transfer doesn’t proceed.
So far I have been using internet banking for 15 years without an incident, touch wood.
UK banks apparently have even better dual factor security measures. I expected the US banks would have vastly superior security to Australia.
Just in case it isn’t clear: It’s not that you have an account, and then also have information about your account. The information about your account is your account. If you have an account, then the information exists, and in a form that can be accessible from other places. A bank account doesn’t work, otherwise.
US banks aren’t even using chip & pin widely yet. I’ve worked for a couple security software vendors and know that Australian banks were among the early adopters of multi-factor authentication for online banking.
To log into my bank I need three things: A 10 digit number (allocated when I opened it); a password created by me, and changed from time-to-time; and a code (10 alphanumerics), also created by me, that has to be entered via a drop-down menu.
I can do most transactions without any further checks, but if I add a new recipient, I get an automated phone call to confirm it. This is to stop someone, who stole my details were I foolish enough to leave them around, (I gather relatives and lodgers are the common culprits) from simply transferring all my cash to some other account.
The biggest risk to any internet banking is someone who has access to your computer and your phone.
However, if the question is “could someone just log into my bank’s online banking as me?” - and you’ve never actually set up online banking, the answer is almost certainly not. It’s a bit like asking if someone could spend money on my credit card that I have never applied for.