If you do online banking the connection is secure over the Internet between your computer and the bank's computer. If the server certificate is authenticated by your browser using a known "certificate authority" then you can trust the connection.

However, if all you see is the lock and there is no certificate authority involved, it is possible for the network provider (or anyone who can intercept the wired or wireless signal) to do a "man-in-the-middle" hack to intercept and copy all communications. More info http://en.wikipedia.org/wiki/Man-in-the-middle_attack

The biggest threat to security is the gullible end-user who thinks free software is really free, or who uses the same password in multiple sites, or who clicks in a pop-up, or who gives out a password. Once malware is loaded on your computer there is no security. Once you share secret information in more than one place it is no longer secret.