Fraudproofing works because four parts of your digital life remain completely isolated: a secret email, a secret phone number, a locked-down laptop, a Dedicated IP, and an offline VeraCrypt vault.

As long as nothing from the “dirty” everyday world ever touches those four clean zones, criminals can steal everything else about you and still never reach your money.

A “hole in the boat” is any small action that breaks that isolation — a moment of convenience, curiosity, or carelessness that lets in malware, tracking, or credential exposure.

This page shows realistic examples of how those holes appear and what can happen when they do. The goal is simple: to demonstrate why the system only works when followed exactly.

Breaking the isolation, even once, can mean rebuilding the entire setup.
One wrong move can trigger a chain reaction that undermines the whole protocol.

These are examples, not a complete list. It’s up to all of us to recognise and avoid anything that risks breaching the isolation that keeps your financial identity secure.

A KEY POINT TO REMEMBER HERE IS THAT WE ARE PROTECTING AGAINST THINGS THAT ALOT OF THE TIME WE CANT SEE AND WE CANT DETECT

1. Logging into the secure bank email from your everyday laptop

Example:
You check your banking email on your everyday laptop — the same laptop you used last week to download a PDF from Facebook Marketplace. That PDF secretly installed a tracking extension in your browser. Now that extension sees your banking email login.
Technical outcome: The extension can capture your session cookies or login tokens, giving remote access to your banking email.
Hole in the boat: You created a direct bridge between the secure world and the contaminated world.

2. Re-using your secure phone number for a delivery, online form, or loyalty program

Example:
You use your secure number for an UberEats order “just once.” The service gets breached months later — your number is now in a data dump.
Technical outcome: Attackers can target you with SMS phishing, SIM-swap probes, and account recovery attempts.
Hole in the boat: Your dark number is no longer dark — the boat leaks.

3. Signing into your bank on your home Wi-Fi after letting a visitor join your network

Example:
Your nephew connects his phone to your Wi-Fi. His device already has hidden malware that scans networks. The moment he joins, it scans your whole network — including your secure device.
Technical outcome: The malware can probe ports, attempt local exploits, and intercept traffic metadata.
Hole in the boat: Secure device + contaminated network = water rushing in.

4. Using the secure laptop to print something at Officeworks

Example:
You plug your secure laptop into a public Officeworks printer. That printer has been touched by hundreds of random devices.
Technical outcome: Malware on the print server can auto-run scripts or inject files into your system the moment you connect.
Hole in the boat: A single cable punched a hole straight through the hull.

5. Installing “just one” extra app on the secure phone

Example:
You install a QR scanner for a menu. It quietly requests permissions to track network activity and device identifiers.
Technical outcome: The app can fingerprint your phone and monitor browsing, undermining isolation.
Hole in the boat: One extra app is one new leak.

6. Logging into your bank on a hotel or Airbnb Wi-Fi

Example:
You connect to hotel Wi-Fi and log into your bank. Someone in another room runs a packet sniffer.
Technical outcome: Attackers can capture DNS queries, session timing, and attempt downgrade or injection attacks.
Hole in the boat: You handed your traffic to strangers — a hole big enough to sink the hull.

7. Taking your secure laptop to a repair shop

Example:
A technician plugs in a USB to “diagnose” an issue and silently clones your drive.
Technical outcome: Full disk images, tokens, autofill data, and keychain items are now exposed.
Hole in the boat: Holes drilled professionally, completely compromising the vessel.

8. Copying files between the secure laptop and your daily laptop via USB

Example:
Your daily laptop has dormant malware from a website you visited months ago. You transfer a file via USB onto your secure laptop.
Technical outcome: USB-based malware executes automatically or hides payloads that trigger on the secure system.
Hole in the boat: You connected a pipe from dirty water straight into the clean hold.

9. Saving your banking passwords in a browser on the secure device

Example:
You let the browser on the secure laptop save your banking password “just for convenience.” Even without a Google account, the browser stores that password locally inside its profile folder.

Technical outcome:
Browser password stores can be extracted directly from the device using simple credential-dumping tools. If malware ever reaches the secure laptop through a network, USB, or misconfiguration, it can read those saved passwords instantly — no cloud access required. Browser credential vaults are one of the first things attackers target.

Reinforcement:
Your banking password must exist only in your VeraCrypt vault and/or in your memory — nowhere else. The moment it’s stored outside those two locations, it becomes copyable, harvestable, and no longer under your exclusive control.

Hole in the boat:
Storing passwords inside a browser creates a ready-made treasure chest — and puts a crack straight through the hull.

10. Logging into your bank while running a VPN on a shared household router

Example:
Your teenager installed a free VPN on the router.
Technical outcome: The VPN provider has full visibility into all network traffic, including metadata from your banking session.
Hole in the boat: Your secure session flowed through a dirty tunnel.

11. Using the banking device to join a Zoom/Teams call

Example:
Zoom requests permission to record your screen and control windows.
Technical outcome: A single vulnerability can expose these permissions to malicious processes or cloud servers.
Hole in the boat: Your banking device just became a surveillance device.

12. Leaving your secure phone unlocked around other people

Example:
A relative snaps a photo of your inbox while you’re making tea.
Technical outcome: Your banking email address is now stored on a device you cannot control — and that device may sync to cloud services.
Hole in the boat: A harmless moment turned into an unintended leak.

13. Backing up the secure device to iCloud or Google Drive

Example:
Your secure phone quietly uploads its data to iCloud.
Technical outcome: Cloud backups are decrypted for indexing and accessible through multiple internal systems; if the account is breached, so is the data.
Hole in the boat: You handed your secure vault to the cloud — iceberg ahead.

14. Bluetooth accidentally left on

Example:
A nearby attacker scans for Bluetooth devices and sends a targeted exploit.
Technical outcome: Bluetooth flaws can allow forced-pairing, device fingerprinting, or remote code execution without user approval.
Hole in the boat: A tiny broadcast became a growing leak.

15. Letting someone “quickly hotspot” off your secure phone

Example:
A friend’s compromised phone connects to your hotspot.
Technical outcome: Their malware can run ARP spoofing, local probing, or man-in-the-middle traffic manipulation.
Hole in the boat: You let contaminated water flow directly into the secure network.