Tracking down and eliminating the cause of a security breach.
One of my banking online accounts was breached. The bank’s fraud department could tell from the IP address that someone from the Ukraine had logged on. That bank does not use SSL/TLS encryption. So, I know that this was not as a result of the Heartbleed Bug that was recently discovered. I would really like to know how this happened so that I can avoid a recurrence.
I can think of two possibilities: 1) the problem with security on Safari that was fixed with a Mavericks update in late February and 2) key logging malware may have somehow been installed on my MacBook (2011 running Mavericks 10.9.2, Safari 7.0.3). I don't know of any other ways someone could have obtained my username and password for that account. I am changing passwords (and usernames where possible) on my online accounts using “strong” passwords. I do not do not access online accounts from unsecured wifi networks.
The bank said to run virus software on my computer which I used to do diligently when I was on a Windows PC before 2008, but I’ve read in these forums that running antivirus software on a Mac could cause more problems that it solves. What do you suggest I do to ensure that my MacBook is secure? I can post an EtreCheck report, if that helps.
MacBook Pro, OS X Mavericks (10.9.2), 17" late 2011 model Safari 7.0.3