Bitcoin Forum

Table of contents

          1. Introduction (#post_point1)
          2. What is anti-phishing extensions? (#post_point2)
          3. How does it work? (#post_point3)
          4. Protecting your self against phishing sites (#post_point4)
          5. Anti Phishing extensions (#post_point5)


Introduction

We all know that in the last year, cryptocurrency has been attack by many waves of phishing - a deceptive way to steal our sensitive data like private keys, seeds or passwords to our wallet and exchanges account. We are really vulnerable and hackers or cyber criminals are constantly on the offensive and many fall for the trap specially fake giveaway scams.

What is anti-phishing extensions?

A tool that can detect this malicious apps at it analyze the website that we are browsing and if that website is already listed on their repositories, these will be block automatically if you by chance have visited this websites.

How does it work?

So if you visited this malicious websites, an alert or warning you will on your screen and you will be block from visiting it.

Protecting your self against phishing sites

Firefox has built in Anti-Phishing protection. But it is better to used other apps as well so that you will have maximum protection against this cyber threat.

Anti Phishing extensions

a. EAL - Block you from malicious domains - EAL keeps a daily-updated blacklist of known phishing domains to help you keep your funds/secrets secure. The blacklist is saved locally to the extension every 10 minutes to keep your privacy intact. The only time you hit a 3rd party service is when the extension caches the blacklists - services are Github and Infura.

https://chrome.google.com/webstore/detail/etheraddresslookup/pdknmigbbbhmllnmgdfalmedcmcefdfn?hl=en-GB

You will received this warning with you installed this app after visiting a phish site.

https://i.imgur.com/UZJNUXo.png

b. PhishFort | Protect - Open-source, The plugin will indicate different colors depending on the website you're visiting. Green - is safe, and Red is a possible malicious site and dangerous.

https://chrome.google.com/webstore/detail/phishfort-protect/bdiohckpogchppdldbckcdjlklanhkfc?hl=en

https://i.imgur.com/1h3jdIy.jpg

c. Netcraft Extension

https://chrome.google.com/webstore/detail/netcraft-extension/bmejphbfclcpmpohkggcjeibfilpamia

If you have anything to add please let me know.

I prefer not to trust all kinds of extensions since recently a lot of extensions are being created for fraudulent purposes. While doing its job of protecting against phishing, at the same time, the same extension can collect information about the user, engage in surveillance, hidden mining, steal passwords, and everything else. The extensions themselves are not created by browser developers, but by people who are looking for a way to make money.
It is enough to set up your browser correctly, I would recommend Firefox, and Need to know all the guides on how to avoid getting to a phishing site. (https://bitcointalk.org/index.php?topic=5171134.0)

https://bitcointalk.org/index.php?topic=5171134.0

A recent investigation witcher_sense (https://bitcointalk.org/index.php?topic=5264347.msg54862564#msg54862564) reveals that the extension has a different name, but its purpose is to steal wallet data.

Indeed. There are numerous extensions that are reportedly stealing data from it's users as it was the easiest way to access one's browser and browsed website activities. OP, I think it is too risky to trust nor promote such extensions despite the fact that the 2 of what you've mentioned are open-sourced. Using opera or simply not making mistakes such as trusting nor clocking anonymous links would be enough. Phishing is easy to be avoided, as long as everyone are careful what websites or what files to download.

The biggest tip is simply, Think before you click.

I'm aware that Google's app store whether it is in the Playstore or Chrome Webstore is a gold mine when it comes to fake and scammy apps that are mostly malicious in nature but they can easily be avoided by looking for their reviews, date uploaded, uploader name or basically everything in their "about" section which will make you see that the app you are downloading is the real version. These anti-phising extension is really helpful and this can be treated as a first layer of defense rather than just always relying on your eyes being observant as always.

Aside from using trusted anti phishing extensions on popular browsers, I thought it would be ideal if we could also consider installing effective Antivirus apps on our systems to further strengthen our defenses against such kind of attacks but the only downside to these antivirus feature is that it is mostly available on paid or subscribed versions of most antivirus apps only.

I agree with the use of antivirus as an additional application to ward off phisng websites, websites containing malware and ransomware. this will further strengthen security on the device used. But the weakness you mentioned about the paid version of the antivirus, is not a weakness it's just an option for you, do you want to enjoy the free version with limited features or the paid version with all the features provided for your security. I better choose the paid version because there is no loss in subscribing to the paid version for the best antivirus.

I currently use Kaspersky as my second antivirus (the first Windows Defender Antivirus).
https://i.postimg.cc/CKJCssRF/Screenshot-102.jpghttps://i.postimg.cc/ZRR87vN6/Screenshot-101.jpg

But for anti-phishing it depends on the report data provided by others. because some phishing websites will not be detected because they do not have any data.
For example below, there will be a Kaspersky icon that indicates the website is safe.
https://i.postimg.cc/mD5Q0Z3J/Screenshot-100.jpg

Why do people have to rely on any extension to avoid phishing links? I don't think they should rely on third party extensions this way because they can simply protect themselves from phishing sites.

How to self-protect from phishing sites? Is it difficult to do?

In a simple word: Easy!

• Control your curiosity and avoid clicking on any links sent to you by the others (even they are the ones you love, you know or from strangers).
• Beware of links and don't hurry to jump directly on the links and click on them.
• Another minor tip is: On most browsers and messenger apps, hovering your mouse/ touchpad on links then the full links will be displayed. If you see something is strange in full links, it is a further reason to not click on those links.

---

A long suggested guides but in practice, you can do it so easily.  ;)

To me, it looks like such extensions have more coins than pros. First, they create a false sense of security, as users might think that they are perfectly safe when they use them, while in reality they can only prevent some scams, usually the biggest and oldest. Next, they might be spying on users or do other malicious things - it's the best practice to always try to minimize the number of extensions and only install what is absolutely necessary.

It's better to learn to distinguish phishing sites manually, so you won't ever have to rely on third parties to do it.

I certainly agree to the above mentioned ideas and suggestions about keeping us safe from being victimized from phishing attacks but let us all bear in mind that we are not 100 percent safe even if we observe best security practices!

I think it is our duty not to be complacent hence, we should always be vigilant and keep ourselves informed on new and emerging styles of such attacks in order to take necessary actions to counter it accordingly.

If I will be asked I prefer paid antivirus rather than installing free extensions because I feel more relieved by doing so :) especially knowing the fact that scammers are now also using such extensions to harm us as well. It costs money but I know it will be all worth it. Due to the series of bad news regarding privacy issues, I'm now having a hard time to trust FREE downloadable apps (which came from unreliable sources of course) because no one knows whether they got a hidden agenda or not. I'm not too techy to figure it out. So having an extra defense is really vital.

Of course! a paid antivirus is more preferable than the free versions since it comes fully packed with more features to better safeguard our own systems and it will not hurt us if we shell out some money since I think it gives us a better deal when we value security.


There are still a handful of useful and effective apps that could boost our security, all we have to do is to do some research first and evaluate any potentially  useful apps that we could use accordingly.

IMO I will not use any third-party platform just to make safe because we cannot say that some of them have a Trojan virus that sooner or later will activate and can steal all of your data. One of the best ways is to be aware of those platforms and software applications to prevent having trouble. Also, it's better to use an anti-virus-like the

• Nortron
• Eset

Every activity you do, like downloaded software, if they think it may harm and suspicious they will not be allowed to continue the progress and blocked to your computer immediately.

It has built-in adblocks and anti-trackers, and it commonly blocks supicious and malicious websites as well (based on my 2 year experience using it). And if ever you would ask me, I would really recommend the use of it. I had no issues since then and I know myself that there had been no instance that I was phished. And with regards to the topic, whether you use opera or not, the issue isn't on what browser nor broswer extension you use, whether you use Brave, Chrome, Vivaldi, Opera, Firefox, would still depend on the user's actions.



With regards to anti-virus applications, i do suggest the use of window's default anti-virus and anti-malware, Windows defender. Why? They update it everyday with what viruses are created each and everyday to block it. And as for me, the use of third party AVs is somehow risky as most of them (especially if wasn't licensed) were the ones making their own viruses to detect.

This is what I'm trying to emphasize that no matter how confident we feel about our own security setup maybe, even if we utilize top grade apps to boost our security, the weakest link here is the human factor e.g. curiosity, negligence, complacency, etc... as these are most often exploited by attackers and could serve as an effective attack vector. Imho.

I used EAL + Anti virus for me, EAL is good in blocking malicious sites, but it really depends if the malicious sites has been reported and included in their database.

So the best thing to do is not just rely on them, but used our common sense and not get this sense false of hope that everything is going to be safe just because you have them, it's not a guarantee, they are just a nice-haves in my opinion.

Extensions might be too dangerous if one could not assess properly the installed extensions for it could be mean a program that could steal identity and other important details to acceas funds or crypto wallets. So, I think we need to be careful now that there are many users identity being breach by the hackers.

So, there is a need to get a good study first or resources from the experts or approval on them before installing extensions or add ons.

The human factor, as you write, can be prevented if you install the software in advance, like a sandbox. Today there are many programs for both Windows and Linux.
I think many are familiar with this kind of software. It is also available in antivirus software and is provided as separate programs.
In general, working where our line of business is related to finance, it is worth separating entertainment and work. Many people know and continue to study in the field of cryptocurrencies, in addition, it would be nice to acquire knowledge on safe working on the network. Namely, what I would like to focus on is mastering Linux systems. The Internet describes many advantages of working with such systems, I think everyone who is interested will be able to find a lot of information on their own.

I beg to disagree, sandboxing or use of virtualization doesn't fully safeguard us from malicious attacks and its very dangerous to have that assumption of security under any circumstances.


If we ought to think that Linux systems are far more safer than Windows systems, then I suppose we are mistaken here since most malicious payloads are often conveniently developed on such environment. I guess its safe to say that no systems are 100 percent safe or secure until now. Imho.




I agree, ordinary users most likely would not want to use a sandboxed environment or virtualization that is why assuming that it can prevent any form of malicious attack would not be very viable. Imho.

I respect your opinion, but you may be too biased towards Linux systems.
One of the hallmarks of Linux is its open-source code. And that is what makes these systems safe. Anyone can look at this code and make sure that there are no secret moves or bugs in it.
Another advantage is that Linux has a lot of distributions. Nobody will write viruses for every system. On the contrary, according to NetMarketShare (https://www.netmarketshare.com/operating-system-market-share.aspx?options=%7B%22filter%22%3A%7B%22%24and%22%3A%5B%7B%22deviceType%22%3A%7B%22%24in%22%3A%5B%22Desktop%2Flaptop%22%5D%7D%7D%5D%7D%2C%22dateLabel%22%3A%22Trend%22%2C%22attributes%22%3A%22share%22%2C%22group%22%3A%22platform%22%2C%22sort%22%3A%7B%22share%22%3A-1%7D%2C%22id%22%3A%22platformsDesktop%22%2C%22dateInterval%22%3A%22Monthly%22%2C%22dateStart%22%3A%222019-07%22%2C%22dateEnd%22%3A%222020-06%22%2C%22segments%22%3A%22-1000%22%7D), 88% of all computers run under the Windows operating system. You can guess for which systems different viruses are most often written.

And yes, I am with all my hands for what you say. It is never worth counting on complete safety with this or that system.
The main thing is your own attention and accuracy when working with your data.

Quite interesting with some of the applications and ant-phishing extensions that you find. But the choice of anti-phishing applications and extensions such as this also has the risk of getting a similar fake application. There are several cloning applications that are created to spread phishing addresses. want to be safer, but instead become a victim of phishing.

Actually now websites like Mozilla and Chrome already have default warnings about suspicious websites that will threaten your device. But if you really want to use a third-party application or extension, you must choose the right and original application. make sure the application or extension is recommended.

I may sound biased but in fact i try to be objective in this matter. I understand Linux systems have a higher degree of security as compared to Windows systems but I like to point out that it is dangerous to assume that Linux systems are totally safe and be complacent about it.



Not all can read or interpret code and no Linux systems or even Windows are without bugs because no operating system is perfect and none will ever will.



Having different kinds of distribution is a good thing for open-sourced platforms like Linux but again its very risky to assume that nobody will ever write malware on it. In fact there has been a lot of these malwares being developed consistently and are targeted on Linux systems  especially on  server based platforms. Kindly see link below.


https://en.wikipedia.org/wiki/Linux_malware (https://en.wikipedia.org/wiki/Linux_malware)

Sometime we decide to download anti-phishing apps and extension with an intention to save ourselves from phishing but we accidently download the clone apps and become victim of phishing. Therefor I do not recommend downloading extensions or apps to prevent phishing , rather we should be careful in trying the website address and manually check if we have landed on the right site/page.

Most of this rely on third party lists or similar, they might help somewhat but they are never up to date. New phishing sites come up and go daily. Using your own judgement could be better than using extensions imo. I also agree with top comment, extensions can do you more harm than good.

I suppose the purpose of using a sandbox is to have a controlled environment only like for example if we think that a certain app or program could have a malicious code inside it, we could execute it on a sandboxed environment and if that app have malicious code, any harm it could do would be contained in that sandbox environment only and will not spread to the other parts of the computer system itself. Imho.

A lot of extensions apps available online but not all of them is legit. Clone apps, paid reviews, that would likely it brings you into the worse case instead of saving you from phishing sites once it is installed. For many years that I've been in online business, I'd never use one of them but just have to really myself because I know what I am doing.

That is right...we can make it easier if make it a habit and to care for our own.

---

To finally said is that, the full security is in our hands not from these extensions or any third parties. In fact, many people have still ignored the warnings that it appears from their computer, they likely to breach such action, and that extensions seem so helpless for them.

In the first place, if you're intension is to save yourself from phishing, then you have somewhat an idea on how not to fall for it, like downloading it from somewhere else and not from official website then you need to educate yourself more. It is recommended as long as you get it from the official site. The only problem is that there could be some gaps that the extensions pulling their source to trace the malicious website is not update and that small window can open a lot of opportunities for scammers to victimised crypto users.

Pay attention to every address detail that you want to visit, whether it is a real website or a fake website. There are many fake websites that are disguised as if they were genuine websites. You need to record it well.
Don't ever get bored with doing research first, check every social media about the anti-phishing extension, is it really original or just an imitation.
Your security is in your own hands.

I think any new extension that appears should always be suspicious. Despite all the functionality this extension promises to deliver. Any extension reviews can be easily faked. You always have to rely on yourself, everything that the extensions suggest doing can be done without them. In this example, protection against phishing is in the hands of the browser owner himself. The browser is not a Christmas tree, and you shouldn't hang a lot of additional add-ons on it. Add your frequently visited sites to your favorites, and the rest should be assessed with caution, and generally from another browser.

Checking website is a priority tips before downloading apps extension in avoiding phishing apps. Most fraudulent apps in Google play store have the same imitation with legit ones making victims especially newbies falling scammed, undergoing some research via social media page would actually detect the legit ones.

Even trusted extensions could also put you at risk. The best way to avoid getting phished is to block the address that you found out that it is a phishing site and also the new sites that you found to avoid accessing it in the future. Triple check everything you type to avoid accessing fake websites.