Topic: Be mindful when making transactions on PC - page 2. (Read 274 times)

Don't get me wrong, if you don't consider yourself up to the standards to protect yourself online, then by all means install a anti virus, but definitely keep in mind that it doesn't protect you fully, and therefore there's a chance that you could become complacent, and neglect security advice that you wouldn't if you didn't have the anti virus.

If your anti virus doesn't collect data on you, doesn't advertise crap, and doesn't use too much of your resources, then there isn't too much of a problem. Although, you can absolutely mitigate the risk without a anti virus, like I said by downloading only from trusted sources, having scripts turned off by default on your browser, flash, and other media turned off by default, and by verifying signatures even if you trust the website your downloading from, since you want to be absolutely sure that website hasn't been compromised.

Yeah, it's definitely not meant to offend. I just thought that's the easiest way of explaining it that some people will be able to relate too. It's a fact that some older generation people are more up to scratch with security than younger, in fact this isn't always down to having more knowledge about their computer, but fear of using it if that makes sense.

Security is very complex, like seriously it's very complex to the point that I doubt anyone follows all the recommended steps, that's when anti viruses do offer some protection, but as stated the complacency that could introduce shouldn't be underestimated.

Linux has some benefits to it, like for example root permission often has to be elevated, although it entirely depends on the setup that the individual has. Although, Linux definitely does have some built in protection just by how it usually ships, and the fact that most viruses will be adapted to those running the most popular operating system, which is currently Windows I believe.

Running a Linux system doesn't mean you're automatically secure though.

I'd go as far to say that inconvenience along with complacency is the leading cause to infection. I can't prove that, but that's my gut feeling.

The bare minimum for me when using conventional operating systems (i.e not Qubes) is complete reinstall of the operating system infected, and a full reset of the router. This will prevent most non sophisticated attacks. Although, it's possible to survive formats, router resets, and bios infection, however this usually isn't the case for the vast majority of infections.

Well, I am 56 years "young" (no offense taken though), so you could say I'm an "older generation person", but I have been very interested in computers since I was little, yet I don't feel I have the knowledge to effectively protect myself. I find there are so many different classes of attacks, it's overwhelming.
Incidentally I switched to Linux more than a decade ago, and felt somehow secure because of it, but since I started on cryptocurrencies I wouldn't bet on it.


Nothing is impossible. It just takes work, and, like you said, it may be inconvenient at times, but it can be done, and it has been done. Now they say web 3.0 will be more focused on personal security and privacy. We'll see...


I used Norton once in 2005, on a computer I knew, for a fact, was infected. It didn't find anything, even when running it in "safe mode". Then I did a google search and found Spybot S&D. on the first run, it found about 1800 viruses. On a second run on "safe mode", it found another 300. I never used Norton again.

Good recommendation welsh I will give Norton antivirus a try, maybe if I have a strong antivirus installed in the first place maybe none of this wouldn't have happened, thank you.

See, I've found Norton to be quite intrusive, the thing is as computers advance, so does their hardware, so the effect of the program isn't noticed as much as time goes on. Put Norton on a older system, which doesn't have the latest ram, and CPU, and you'll see an issue. Although, I can't personally claim either way if its good or not in terms of resources, since I haven't seen it personally.

Although, why I find it intrusive is because it constantly tries to push additional products onto you. For example, I have friends that use it, and I've seen that they try to push Norton's own version of a VPN. The only saving grace is that they do claim not to keep logs for their VPN's. Although, according to this they do collect some data, which is too broad to see if any of that information could be deemed invasive. However, I'm not a fan of the advertising that these services do, even if it is their own products. I believe they're enabled by default, and can be turned off through the settings.

As for their capabilities in protecting its users, I'd have to see some compelling data to change my mind on it. Heuristic_analysis generally is very limited, and more often than not identifies false positives. I've had code I've written been flagged by anti virus systems, so I know they're definitely flagging up false positives. Most operating systems have built in systems these days, Windows has Windows Defender, which practically does the same thing, a part from a few variations. Obviously, Linux can differ per its distribution. Mac OS I'm not entirely sure how that works, as I've never touched one of them for long enough to take a look. If you have a built in system that you can't disable (Windows Defender), then you are effectively adding another similar application to the current usage of that application too. So, that should be factored in.

I'm going to sound like a broken record here once again, but if you truly care about security, and internet security there's no better operating system than Qubes OS. I've recommended this so many times, I almsot feel like a personal sales agent for them, but it's completely free, and uses virtualisation technology to separate instances known as Qubes, which means even if one of them was compromised, it's unlikely to be able to infect others, which reduces your risk massively.

For example, you could have a dedicated Bitcoin wallet qube which you plug your hardware wallet into, sys-net the qube that handles the network supplies the connection to that qube. If sys-net gets compromised, it doesn't mean that the qube will, and you could potentially set sys-net as disposable so upon reboot it resets to the default, and effectively gets rid of any threat. The best anti virus to me, is compartmentalizing your system by default, so if you're compromised it doesn't compromise you entirely. Anti Virus's do attempt to isolate the threat before it does any damage, but there are no guarantees of that.  I'm not going to go into this rabbit hole as I'm afraid it'll go too off topic. However, while I agree with the OP's statement that you should be careful, the only way you can truly be sure, is via isolation, even then there are definitely risks, but it's the most secure way other than not using the internet at all. Obviously, I'd recommend against using hot wallets when not necessary anyhow, and strictly use cold storage.

This all obviously depends on your threat model. Most viruses aren't very sophisticated, and they don't need to be, because they aren't meant to be attacking high profile people. Instead, they often try to advertise or collect data.

As someone who has tried at least 15 or more commercial home AVs over the years, I can say that there are indeed those that are difficult to configure, have an impact on the system, and can cause inconvenience to the user. However, there are security solutions that are the opposite, and their presence on modern computers is almost invisible if we look at CPU or RAM usage.

For example, I will say something about my experience with Norton Security, which I consider almost perfect. RAM consumption is generally less than 100 MB, while CPU goes from mostly 2-5%. By comparison, Firefox with 4 open tabs consumes over 1 GB of RAM and close to 10% CPU. For a computer with 8 GB of RAM and a modern processor, no AV will be a problem with resource consumption.

I agree that protection depends on what the antivirus definition database is and how often it is updated - but also on how good heuristic analysis it has, which means that it can fight against those threats that have not yet been added to the antivirus database.

You'll find that the more technical people will avoid anti viruses for the reasons I mentioned above. I actually see anti viruses to be more tailored towards those that don't know much about computers or using them safely. For example, and I do hate giving this an an example as it comes across as stereotypical, but it's not meant to be that way; a older generation person that hasn't had much interest in computers, will likely be more inclined to use anti virus because they don't have the knowledge to secure themselves. However, while there's nothing wrong with this approach, there's definitely a element of risk here, since that person will likely assume that they're safe from all attacks, and therefore will be more complacent, when in fact they aren't completely secure.

Your data is 100 percent going to be leaked at some point, if it hasn't already been so. This is nothing to do with your personal security (although you can mitigate it by providing fake/temporary data), but the services that you use. For example, the most popular websites in the world have been hacked, and have had their data leaked. This forum has been hacked, and user's passwords, and other information was leaked. So, avoiding leaks is impossible if you use the internet, and sign up to services.

However, like I briefly mentioned you can mitigate that risk by providing fake or temporary data that is website/service specific. Although, most people don't do this because of the issue with convenience.

That is the thing we suppose to do but only techy people who able to do this while others don't care about it and they mostly receive the consequences due to ignorance. Even we do much care of our PC and install blocking apps, we can't still assure that everything will be okay and totally safe as these apps couldn't give 100% safety on your PC. Some leaks could be considered especially when accidentally clinking links that contain malware or virus.
Well, the best way is not to save important information to our PC or laptop, especially when it includes private keys and bank accounts.

Ideally, physically or using a operating system which supports compartmentalization, therefore isolating it from your daily activities is the best approach. I'm an advocate for Qubes OS which not only isolates each qube from another i.e instances of a operating system, it can optionally isolate your network from them too. There's also options to have a disposable sys-net, which upon rebooting resets it back to the template, so if you did get compromised it would only be for that session.

Although, even without isolation techniques, you can avoid most problems by not downloading anything that you haven't verified to be legitimate.

I actually consider anti viruses to be worse than just following basic security protocols. They slow down your computer, they often come with bloatware, and they're intrusive via unnecessary notifications. Also, some people have claimed they falsely identify problems, just so you think they're working.

An Anti Virus is a glorified database checker, they don't use anything impressive, and they aren't effective against new attacks, until they've been found, and put in the database. This often nulls people into a false sense of security. So, are anti viruses beneficial? Probably to some people, but like I suggested above you can easily avoid most of the pitfalls by not doing risky stuff on your computer.

The importance of this cannot be overstated, some persons only think in the direction and fear the possibility of virus entering their PC and not Malwares. Some malwares are as dangerous, even more dangerous than some virus. A friend of mine had a malware in his PC that was actively taking screenshots of his PC screen and sending to a source, had he not noticed it on time, it would have done a great deal of damage to him because he does all business transactions and related from his PC. Get a good malware protection because these things are real.

This malware has been known for a long time, and we call it in general clipboard malware, and that's exactly what you described. The precautions that every crypto user should take should consist of trying to prevent such malware from getting into our system at all. This would include the following actions:

• Never click on suspicious links presented through e-mail and social networks, but also do not click on advertisements that can also lead to malicious content.
• Be extremely careful when downloading all media files directly or via torrent, and when visiting xxx websites - it would be best to have a separate device for such things.
• Get proper antivirus/malware protection to protect you in case you still make a mistake.
• Always check all the data in your crypto wallet before confirming the transaction by clicking on the preview option, with special emphasis on the accuracy of the address to which you are sending coins.
• However, if you are not a careful enough person and bad things often happen to you, invest in a hardware wallet that will additionally protect you by forcing you to raise security to a higher level.

Linking this thread created by @LoyceV in case there is someone who is new to this type of problem called "Clipboard Hijacking".

[1] How to lose your Bitcoins with CTRL-C CTRL-V

Just a suggestion. Check the entire address string to see if the pasted address is the same as the source. Only checking the first/last three characters is not a good practice since the middle part can be modified, which can be tough to spot if you are not paying attention.

If you are using wallets on PC and you are also receiving emails and browsing the Internet on such pc make sure you watch your step very well, there is a malware out there that can swap the address you want to send coins to with a scammers address, I was so lucky to noticed this and I have the habit of cramming the last three alphabets of the receivers address after clicking on copy. May we not work for scammers to enjoy our hard work in the end.


Things are back to normal after I formatted my PC