With the popularization of internet, it is very common using internet bank to perform on-line accounts transferring at home. In order to guarantee the transaction security, the internet bank has possessed various kinds of safety and security mechanisms. For instance, the internet bank provides users’ authentication, SSL, Smart Card identification, one-time password and other methods. Despite this efforts, it is still difficult to lockout all kind of attacks. For example, most internet banks use Microsoft IE as the base platform, in which Active X and JScript are used. It turns out that the browser of client can only use IE to do the deal. Since Microsoft equips very strong function for plug-in developer in IE, it makes that tracing the transaction activities very easy. Furthermore, one can use BHO to overwrite transaction information without being discovered. This research investigates the security and safety issues of transactions of internet bank. Specially, we focus on the risk due to the adoption of BHO technology. The method of security improvement and prevention will be proposed.