Pages:
Author

Topic: Must have web browser addons to keep you a step safer from phishing (Read 728 times)

legendary
Activity: 2268
Merit: 18771
No Coin (Chrome, Firefox, Opera)
minerBlock (Chrome, Firefox, Opera)

Also, to consider duckduckgo's extension.
+1 for No Coin.

DuckDuckGo Essentials is certainly a good add-on, but it isn't the best. The issue it has (and many anti-tracking add-ons have) is that it simply uses a list of known trackers, and blocks anything that appears on that list. Compare that to Privacy Badger, which I recommended on my reply on the first page of this thread. Privacy Badger actively monitors your browsing session for anything that is trying to track you and blocks it. It has the advantage of catching quite a lot of stuff that is yet to be updated on to the anti-tracking lists that other add-ons use. DDG Essentials does some other stuff too, such as forcing encrypted connections, but that can be easily replicated by using HTTPS Everywhere (again linked to in my previous post).

DDG Essentials is certainly a good add-on if you want something quick, easy and requiring no set-up, but if you are looking for the best privacy, security and anti-tracking, then Privacy Badger + others is the way to go.
full member
Activity: 168
Merit: 214
WhoTookMyCrypto.com
Great list of extensions.

Other extensions that are useful given the prevalence of cryptojacking eg.

No Coin (Chrome, Firefox, Opera)
minerBlock (Chrome, Firefox, Opera)

Also, to consider duckduckgo's extension.
copper member
Activity: 2198
Merit: 1837
🌀 Cosmic Casino
Being phished means you visited a fake/cloned website . if nothing bad happens to you and you believe that you access the correct url of etherdelta then you dont need to question yourself on why you didnt got hacked .  
The attack happened on the exact Etherdelta website where there was temporary access to Etherdelta's DNS server by the hacker. It was the exact Etherdelta domain not like this usual phishing attempts you know of where there is a slight alternation of the domain name.

I was starting to do a token transfer at that time of the attack so yes, I was doing something on a correct url of a website whose DNS server had been hijacked. If it wasn't for Netcraft and MetaMask's alerts. My funds were gone.

This is not an ordinary phishing attempt we always see daily. We are talking about a DNS server getting hijacked.
To enlighten yourself and refresh some memories of that day there is more here Cryptocurrency exchange EtherDelta got replaced with a fake site that steals your money
full member
Activity: 714
Merit: 100
I was online when an attack was made on Etherdelta in 2017... In fact, I was even in the process of making a transaction to Etherdelta and do you know what saved my Private key from getting Phished?

Being phished means you visited a fake/cloned website . if nothing bad happens to you and you believe that you access the correct url of etherdelta then you dont need to question yourself on why you didnt got hacked .  


Those users who used a Ledger Hardware wallet even in the time of the attack were safe since hackers can't access funds without physical access to the device itself. Another win for Hardware Wallets.

Hardware wallets are also exposed to attacks as soon as you already connect your hardware wallet into your gadget and your gadget is connecting online . those who didnt got hacked might not  visited a fake website .
legendary
Activity: 2730
Merit: 7065
I was online when an attack was made on Etherdelta in 2017... In fact, I was even in the process of making a transaction to Etherdelta and do you know what saved my Private key from getting Phished?
Those users who used a Ledger Hardware wallet even in the time of the attack were safe since hackers can't access funds without physical access to the device itself. Another win for Hardware Wallets.
copper member
Activity: 2198
Merit: 1837
🌀 Cosmic Casino
Thanks, OP has been updated.
Be careful about adding every suggestion to your OP.

Browser extensions are an easy way to distribute malicious code, since if your extension looks good/professional enough, many people will download it without really thinking about it. I've not even heard of some of these extensions, which is usually a warning sign for me given how much attention I pay to online security and privacy. I would certainly be considering checking the code out for yourself before recommending it to others.
I did check out the source code before updating the list especially for phish fort as it's relatively new in the game.
Wouldn't be fair recommending people an add-on i completely know nothing about  Cheesy
legendary
Activity: 2184
Merit: 1302
Playbet.io - Crypto Casino and Sportsbook
I would certainly be considering checking the code out for yourself before recommending it to others.
When giving out tips based on security,its always very necessary to be a 100% sure of the website,product,service etc, thats not to say people shouldn't or wouldn't do their own research before taking in someone else's advice,recommendations,suggestions etc, but for the 1% that wouldn't,its good to be sure to a reasonable extent the advice being given out.
legendary
Activity: 2268
Merit: 18771
Thanks, OP has been updated.
Be careful about adding every suggestion to your OP.

Browser extensions are an easy way to distribute malicious code, since if your extension looks good/professional enough, many people will download it without really thinking about it. I've not even heard of some of these extensions, which is usually a warning sign for me given how much attention I pay to online security and privacy. I would certainly be considering checking the code out for yourself before recommending it to others.
copper member
Activity: 2198
Merit: 1837
🌀 Cosmic Casino
<...>
Thanks, OP has been updated. It's sad that the link to their Firefox add-on does not work.

<...>
Thanks but am currently looking at anti phishing add-ons. However, I  look forward to making a topic related to malwarebytes sometime soon.

better you bookmark the real website to keep safe from phising site. if you first time follow that website, very good if you can check their security,domain,website age and their ads. i always check it in scamadviser and see any preview in youtube video about that website.

Bookmarking is okay but also not 100% guaranteed safety.
I was online when an attack was made on Etherdelta in 2017... In fact, I was even in the process of making a transaction to Etherdelta and do you know what saved my Private key from getting Phished?

It obviously wasn't bookmarking(I had bookmarked Etherdelta and i still ended up loading a website whose DNS severs had been hijacked) but Netcraft gave me a warning(the ad-don was showing a risk rating of 9/10 at that time) and MetaMask displayed a warning. That's when I realized that Etherdelta was under attack and i stopped what i was doing immediately.
jr. member
Activity: 304
Merit: 5
better you bookmark the real website to keep safe from phising site. if you first time follow that website, very good if you can check their security,domain,website age and their ads. i always check it in scamadviser and see any preview in youtube video about that website.
legendary
Activity: 2268
Merit: 18771
My main issue with Waterfox is that they are quite slow in terms of security updates and patches compared to Firefox. Out-of-the-box Waterfox is definitely more private, as it has no telemetry features like Firefox. But if you know what you're doing, or you have a good guide to follow, you can configure Firefox to be just as good, if not better, than Waterfox.
legendary
Activity: 2030
Merit: 1573
CLEAN non GPL infringing code made in Rust lang
No mention for the Brave browser in a crypto board is quite strange, I started to use it in both PC and smartphone, it's pretty good!

If you are looking for a browser you can just download and run with, with minimal set up or configuration, then I agree Brave is probably the best "out of the box". However, Firefox supports much more advanced add-ons, just a few of which I have linked to above, and also allows a lot of customization and tweaks through about:config and "user.js" configurations. I haven't used Brave for several months, but last time I did it was absolutely horrible for browser fingerprinting. I'd be keen to know if that has changed?

If you don't want to configure Firefox, then Brave is a better choice, but a properly configured and customized Firefox browser is better than Brave in terms of privacy and security.

Brave is a Chromium based browser and can use the same add-ons as Chrome.

My main browser is actually Waterfox, a Firefox based browser. Of course you can use Firefox add-ons (both old and new) with it.
copper member
Activity: 591
Merit: 55
Good topic. I'd also like to recommend you to use Malwarebytes Browser Extension.

Malwarebytes Browser Extension BETA delivers a safer and faster web browsing experience. It blocks malicious websites while filtering out unwanted content (resulting in up to 3x faster webpage load times). Blocks clickbait links, stops in-browser cryptojackers (unwanted cryptocurrency miners), and gives other malicious content the boot.

When the browser extensions block a site, they will show you a warning similar to this one:



More information: https://blog.malwarebytes.com/malwarebytes-news/betas/2018/07/introducing-malwarebytes-browser-extension/

You can find the add-ons for Google Chrome/Mozilla Firefox on the official website: https://www.malwarebytes.com/products/
OR
Chrome Web Store: https://chrome.google.com/webstore/detail/malwarebytes-browser-exte/ihcjicgdanjaechkgeegckofjjedodee
Firefox Add-Ons: https://addons.mozilla.org/firefox/addon/malwarebytes/
sr. member
Activity: 924
Merit: 260
Work in progress to include more anti phishing add-ons. If you know of any good anti-phishing add-ons, please comment them in the thread and I will update the list with credits to you.

I just recently installed https://www.phishfort.com/ It's an anti-phishing browser extension. Works similar to CRYPTONITE, but free to use forever. Also it partnered with MyEtherwallet.

I learned about it from the news. https://bitcoinexchangeguide.com/myetherwallet-mew-partners-with-segasec-and-phishfort%E2%80%8A-cybersecurity-firms-to-prevent-attacks/
copper member
Activity: 2198
Merit: 1837
🌀 Cosmic Casino
<...>
Thank you, I will keep that in mind. Phishing is something that looks easy to evade but sometimes one could just be caught off guard, probably when one is trying to browser during times of fatigue or having less attention to the websites s/he is browsing.
legendary
Activity: 2478
Merit: 4341
eXch.cx - Automatic crypto Swap Exchange.
You know OP you have to keep reminding new forum member about using this security tips by bumping thread lets say once in every two months or so. I was searching how to save guide my BTT account after I almost fell prey to scam attempt of recent. You're doing some great work towards enlightening forum member to take privacy as our priority. Thank you for that.
legendary
Activity: 3542
Merit: 1965
Leading Crypto Sports Betting & Casino Platform
I also want to add, if you can, disable "auto complete" or just ignore it and just type the whole URL, if you do not trust browser add-ons.

Bookmark the site you want is a good alternative also. It's safer and more comfortable for the user, as people are lazy to type (I am at least)

Nope, this is not a good idea. The bookmarks can be altered and hackers know people trust their bookmarks. This false sense of security is exactly what these hackers/criminals want. In some browsers you simply click on the favorite bookmark and edit the URL section

A hacker simply search for the keywords in the registry and replace that with the phishing site URL.  Roll Eyes 
hero member
Activity: 1834
Merit: 759
I use uBlock Origin, and couldn't recommend it more. It works perfectly, requires minimal user set-up or maintenance, and I have never had any problems bypassing all those "Disable your ad blocker or you can't access this site" pop-ups and overlays we were just discussing. Having said that, I do also generally block Javascript by running NoScript, so I can't say for sure whether it is uBlock or NoScript that is responsible for blocking these pop-ups. I'm afraid I have no desire to turn either off for even a short time to ascertain the answer - I would recommend everyone uses both anyway.

Yeah, I also use both along with HTTPS Everywhere. I also never do anything remotely related to crypto on a Windows machine. These are probably all you really need if you're aware of basic safety practices. I've heard of password managers and whatnot, but I personally feel like having fewer extensions is generally better.
legendary
Activity: 2730
Merit: 7065
Since you mentioned that you search google for threads and posts from this forum it could be useful to mention that you should enter the following into the search field in order to limit the google search to only the legit BT site:
Code:
site:bitcointalk.org text here
In this way all the results will be from the original site and no other sites will be shown.
full member
Activity: 621
Merit: 214
Brave had an update recently, IIRC it was to support more addons & more...

I haven't really tested it, but i hope someone more expert can see if any improvements were done
Pages:
Jump to: