I was about to make a post like Ironside's earlier when work distracted me.
I would also add to the basics that need to be in order to keep yourself as safe as possible:
1) Good, up to date Anti Virus software.
2) A Firewall of some sort.
3) Good, up to date Anti Spyware (Spyware is a group of threats that includes some trojans, these could reveal your passwords, as well as annoying pop up ads)
(I can expand on this, i.e. what's good if people need).
Most online banking fraud is carried by obtaining access to the site from the user, by installing malicious software or sending out hoax emails that they respond to. They do this as it is a lot easier than hacking the bank itself and yields them a good profit. This is the reason that one of the most respected name's in the computer security industry has said that banks are wasting millions on "two-factor authentication" (a hardware dongle you plug in that verifies you to your bank).
"Two-factor authentication was invented a couple of decades ago against the threats of the time. Now, the threats have changed - and two-factor authentication doesn't defend against them. It's a waste of money," Schneier told El Reg. His comments are controversial because they attack a technology touted as a gold standard for net security - but that doesn't necessarily mean he's wrong.
This is because the threat is not from fraudsters cracking the password to gain access to the bank but rather tricking the user into giving them the details they need to get authorised.
Assuming poker sites maintain the most basic levels of security it is more likely that people hacking the site will target the users rather than the site itself.
This happened in the only case of this that i know the details of (hippicrit on poker stars through the post The Hendon Mob Forum). His username was the same as his screen name (is that always the case on pokerstars? i have yet to create an account there) and his password was his username with a 1 on the end. Someone saw him make a score in a tourny and tried to get onto his account and succeeded - as his password was very simple.
As for who is responsible, I would think the user - the username/password identifies them and it is their responisbility to make sure no one else knows it. I have a sneaking suspiscion that the only reason the banks are so helpful to the majority of users who are caught out by online fraud as they stand to save a lot of money by moving banking online. Obviously stories about fraud would hinder their attempts to do this.
However they may very well be ignorant of the issues and what is expected of them. With online poker (and gambling) getting so big i'm suprised that no sites have any help with security or some form of big push to help users with this. Thinking about this today made me realise that there was so much sites could do to help with this. I was suprised that no one had done anything like that as i'm sure it would help them differentiate themselves from the competition aswell as justify some of the rake that they charge.
Hope that makes sense i've just got back from the gym.