I am afraid it does work like that.
Even if you use wired access for financial transactions, there is nothing to stop wireless users from getting access to your system via a compromised router.
And therein lies the solution. The only way you are going to achieve the level of safety that you seek is to lock down the router to unauthorised users. This will include having your own router password, using WPA encryption, disabling SSID and allowing access to only approved PC's/laptops via their MAC address.
To the uninitiated, this may seem daunting. Try this as a starting point. click here