[Tip]: Anti-Phishing Apps or extensions

[cryptomaniac_xxx]

Table of contents

          1. Introduction
          2. What is anti-phishing extensions?
          3. How does it work?
          4. Protecting your self against phishing sites
          5. Anti Phishing extensions


Introduction

We all know that in the last year, cryptocurrency has been attack by many waves of phishing - a deceptive way to steal our sensitive data like private keys, seeds or passwords to our wallet and exchanges account. We are really vulnerable and hackers or cyber criminals are constantly on the offensive and many fall for the trap specially fake giveaway scams.

What is anti-phishing extensions?

A tool that can detect this malicious apps at it analyze the website that we are browsing and if that website is already listed on their repositories, these will be block automatically if you by chance have visited this websites.

How does it work?

So if you visited this malicious websites, an alert or warning you will on your screen and you will be block from visiting it.

Protecting your self against phishing sites

Firefox has built in Anti-Phishing protection. But it is better to used other apps as well so that you will have maximum protection against this cyber threat.

Anti Phishing extensions

a. EAL - Block you from malicious domains - EAL keeps a daily-updated blacklist of known phishing domains to help you keep your funds/secrets secure. The blacklist is saved locally to the extension every 10 minutes to keep your privacy intact. The only time you hit a 3rd party service is when the extension caches the blacklists - services are Github and Infura.

https://chrome.google.com/webstore/detail/etheraddresslookup/pdknmigbbbhmllnmgdfalmedcmcefdfn?hl=en-GB

You will received this warning with you installed this app after visiting a phish site.



b. PhishFort | Protect - Open-source, The plugin will indicate different colors depending on the website you're visiting. Green - is safe, and Red is a possible malicious site and dangerous.

https://chrome.google.com/webstore/detail/phishfort-protect/bdiohckpogchppdldbckcdjlklanhkfc?hl=en



c. Netcraft Extension

https://chrome.google.com/webstore/detail/netcraft-extension/bmejphbfclcpmpohkggcjeibfilpamia

If you have anything to add please let me know.

[lovesmayfamilis]

I prefer not to trust all kinds of extensions since recently a lot of extensions are being created for fraudulent purposes. While doing its job of protecting against phishing, at the same time, the same extension can collect information about the user, engage in surveillance, hidden mining, steal passwords, and everything else. The extensions themselves are not created by browser developers, but by people who are looking for a way to make money.
It is enough to set up your browser correctly, I would recommend Firefox, and Need to know all the guides on how to avoid getting to a phishing site.

https://bitcointalk.org/index.php?topic=5171134.0

A recent investigation witcher_sense reveals that the extension has a different name, but its purpose is to steal wallet data.

[Casdinyard]

I prefer not to trust all kinds of extensions since recently a lot of extensions are being created for fraudulent purposes. While doing its job of protecting against phishing, at the same time, the same extension can collect information about the user, engage in surveillance, hidden mining, steal passwords, and everything else...

Indeed. There are numerous extensions that are reportedly stealing data from it's users as it was the easiest way to access one's browser and browsed website activities. OP, I think it is too risky to trust nor promote such extensions despite the fact that the 2 of what you've mentioned are open-sourced. Using opera or simply not making mistakes such as trusting nor clocking anonymous links would be enough. Phishing is easy to be avoided, as long as everyone are careful what websites or what files to download.

The biggest tip is simply, Think before you click.

[Harlot]

I prefer not to trust all kinds of extensions since recently a lot of extensions are being created for fraudulent purposes. While doing its job of protecting against phishing, at the same time, the same extension can collect information about the user, engage in surveillance, hidden mining, steal passwords, and everything else. The extensions themselves are not created by browser developers, but by people who are looking for a way to make money.

I'm aware that Google's app store whether it is in the Playstore or Chrome Webstore is a gold mine when it comes to fake and scammy apps that are mostly malicious in nature but they can easily be avoided by looking for their reviews, date uploaded, uploader name or basically everything in their "about" section which will make you see that the app you are downloading is the real version. These anti-phising extension is really helpful and this can be treated as a first layer of defense rather than just always relying on your eyes being observant as always.

[bitsurfer2014]

Aside from using trusted anti phishing extensions on popular browsers, I thought it would be ideal if we could also consider installing effective Antivirus apps on our systems to further strengthen our defenses against such kind of attacks but the only downside to these antivirus feature is that it is mostly available on paid or subscribed versions of most antivirus apps only.

[taufik123]

Aside from using trusted anti phishing extensions on popular browsers, I thought it would be ideal if we could also consider installing effective Antivirus apps on our systems to further strengthen our defenses against such kind of attacks but the only downside to these antivirus feature is that it is mostly available on paid or subscribed versions of most antivirus apps only.

I agree with the use of antivirus as an additional application to ward off phisng websites, websites containing malware and ransomware. this will further strengthen security on the device used. But the weakness you mentioned about the paid version of the antivirus, is not a weakness it's just an option for you, do you want to enjoy the free version with limited features or the paid version with all the features provided for your security. I better choose the paid version because there is no loss in subscribing to the paid version for the best antivirus.

I currently use Kaspersky as my second antivirus (the first Windows Defender Antivirus).


But for anti-phishing it depends on the report data provided by others. because some phishing websites will not be detected because they do not have any data.
For example below, there will be a Kaspersky icon that indicates the website is safe.

[tranthidung]

Why do people have to rely on any extension to avoid phishing links? I don't think they should rely on third party extensions this way because they can simply protect themselves from phishing sites.

How to self-protect from phishing sites? Is it difficult to do?

In a simple word: Easy!

• Control your curiosity and avoid clicking on any links sent to you by the others (even they are the ones you love, you know or from strangers).
• Beware of links and don't hurry to jump directly on the links and click on them.
• Another minor tip is: On most browsers and messenger apps, hovering your mouse/ touchpad on links then the full links will be displayed. If you see something is strange in full links, it is a further reason to not click on those links.

A long suggested guides but in practice, you can do it so easily.  

[hatshepsut93]

To me, it looks like such extensions have more coins than pros. First, they create a false sense of security, as users might think that they are perfectly safe when they use them, while in reality they can only prevent some scams, usually the biggest and oldest. Next, they might be spying on users or do other malicious things - it's the best practice to always try to minimize the number of extensions and only install what is absolutely necessary.

It's better to learn to distinguish phishing sites manually, so you won't ever have to rely on third parties to do it.

[bitsurfer2014]

I certainly agree to the above mentioned ideas and suggestions about keeping us safe from being victimized from phishing attacks but let us all bear in mind that we are not 100 percent safe even if we observe best security practices!

I think it is our duty not to be complacent hence, we should always be vigilant and keep ourselves informed on new and emerging styles of such attacks in order to take necessary actions to counter it accordingly.

[NavI_027]

I thought it would be ideal if we could also consider installing effective Antivirus apps on our systems to further strengthen our defenses against such kind of attacks but the only downside to these antivirus feature is that it is mostly available on paid or subscribed versions of most antivirus apps only.

If I will be asked I prefer paid antivirus rather than installing free extensions because I feel more relieved by doing so especially knowing the fact that scammers are now also using such extensions to harm us as well. It costs money but I know it will be all worth it. Due to the series of bad news regarding privacy issues, I'm now having a hard time to trust FREE downloadable apps (which came from unreliable sources of course) because no one knows whether they got a hidden agenda or not. I'm not too techy to figure it out. So having an extra defense is really vital.

[bitsurfer2014]

I thought it would be ideal if we could also consider installing effective Antivirus apps on our systems to further strengthen our defenses against such kind of attacks but the only downside to these antivirus feature is that it is mostly available on paid or subscribed versions of most antivirus apps only.

If I will be asked I prefer paid antivirus rather than installing free extensions because I feel more relieved by doing so especially knowing the fact that scammers are now also using such extensions to harm us as well. It costs money but I know it will be all worth it.

Of course! a paid antivirus is more preferable than the free versions since it comes fully packed with more features to better safeguard our own systems and it will not hurt us if we shell out some money since I think it gives us a better deal when we value security.

Due to the series of bad news regarding privacy issues, I'm now having a hard time to trust FREE downloadable apps (which came from unreliable sources of course) because no one knows whether they got a hidden agenda or not. I'm not too techy to figure it out. So having an extra defense is really vital.

There are still a handful of useful and effective apps that could boost our security, all we have to do is to do some research first and evaluate any potentially  useful apps that we could use accordingly.

[Peanutswar]

IMO I will not use any third-party platform just to make safe because we cannot say that some of them have a Trojan virus that sooner or later will activate and can steal all of your data. One of the best ways is to be aware of those platforms and software applications to prevent having trouble. Also, it's better to use an anti-virus-like the

• Nortron
• Eset

Every activity you do, like downloaded software, if they think it may harm and suspicious they will not be allowed to continue the progress and blocked to your computer immediately.

[Casdinyard]

I don't use Opera, so i must ask why you mentioned using opera would be enough? Does it have good built-in phishing protection?

It has built-in adblocks and anti-trackers, and it commonly blocks supicious and malicious websites as well (based on my 2 year experience using it). And if ever you would ask me, I would really recommend the use of it. I had no issues since then and I know myself that there had been no instance that I was phished. And with regards to the topic, whether you use opera or not, the issue isn't on what browser nor broswer extension you use, whether you use Brave, Chrome, Vivaldi, Opera, Firefox, would still depend on the user's actions.

• Nortron
• Eset

With regards to anti-virus applications, i do suggest the use of window's default anti-virus and anti-malware, Windows defender. Why? They update it everyday with what viruses are created each and everyday to block it. And as for me, the use of third party AVs is somehow risky as most of them (especially if wasn't licensed) were the ones making their own viruses to detect.

[bitsurfer2014]

I don't use Opera, so i must ask why you mentioned using opera would be enough? Does it have good built-in phishing protection?

It has built-in adblocks and anti-trackers, and it commonly blocks supicious and malicious websites as well (based on my 2 year experience using it). And if ever you would ask me, I would really recommend the use of it. I had no issues since then and I know myself that there had been no instance that I was phished. And with regards to the topic, whether you use opera or not, the issue isn't on what browser nor broswer extension you use, whether you use Brave, Chrome, Vivaldi, Opera, Firefox, would still depend on the user's actions.

This is what I'm trying to emphasize that no matter how confident we feel about our own security setup maybe, even if we utilize top grade apps to boost our security, the weakest link here is the human factor e.g. curiosity, negligence, complacency, etc... as these are most often exploited by attackers and could serve as an effective attack vector. Imho.

[Jating]

I used EAL + Anti virus for me, EAL is good in blocking malicious sites, but it really depends if the malicious sites has been reported and included in their database.

So the best thing to do is not just rely on them, but used our common sense and not get this sense false of hope that everything is going to be safe just because you have them, it's not a guarantee, they are just a nice-haves in my opinion.

[jademaxsuy]

I prefer not to trust all kinds of extensions since recently a lot of extensions are being created for fraudulent purposes. While doing its job of protecting against phishing, at the same time, the same extension can collect information about the user, engage in surveillance, hidden mining, steal passwords, and everything else. The extensions themselves are not created by browser developers, but by people who are looking for a way to make money.
It is enough to set up your browser correctly, I would recommend Firefox, and Need to know all the guides on how to avoid getting to a phishing site.

https://bitcointalk.org/index.php?topic=5171134.0

A recent investigation witcher_sense reveals that the extension has a different name, but its purpose is to steal wallet data.

Extensions might be too dangerous if one could not assess properly the installed extensions for it could be mean a program that could steal identity and other important details to acceas funds or crypto wallets. So, I think we need to be careful now that there are many users identity being breach by the hackers.

So, there is a need to get a good study first or resources from the experts or approval on them before installing extensions or add ons.

[lovesmayfamilis]

This is what I'm trying to emphasize that no matter how confident we feel about our own security setup maybe, even if we utilize top grade apps to boost our security, the weakest link here is the human factor e.g. curiosity, negligence, complacency, etc... as these are most often exploited by attackers and could serve as an effective attack vector. Imho.

The human factor, as you write, can be prevented if you install the software in advance, like a sandbox. Today there are many programs for both Windows and Linux.
I think many are familiar with this kind of software. It is also available in antivirus software and is provided as separate programs.
In general, working where our line of business is related to finance, it is worth separating entertainment and work. Many people know and continue to study in the field of cryptocurrencies, in addition, it would be nice to acquire knowledge on safe working on the network. Namely, what I would like to focus on is mastering Linux systems. The Internet describes many advantages of working with such systems, I think everyone who is interested will be able to find a lot of information on their own.

[bitsurfer2014]

The human factor, as you write, can be prevented if you install the software in advance, like a sandbox. Today there are many programs for both Windows and Linux.
I think many are familiar with this kind of software. It is also available in antivirus software and is provided as separate programs.

I beg to disagree, sandboxing or use of virtualization doesn't fully safeguard us from malicious attacks and its very dangerous to have that assumption of security under any circumstances.

Namely, what I would like to focus on is mastering Linux systems. The Internet describes many advantages of working with such systems, I think everyone who is interested will be able to find a lot of information on their own.

If we ought to think that Linux systems are far more safer than Windows systems, then I suppose we are mistaken here since most malicious payloads are often conveniently developed on such environment. I guess its safe to say that no systems are 100 percent safe or secure until now. Imho.

The human factor,That as you write, can be prevented if you install the software in advance, like a sandbox. Today there are many programs for both Windows and Linux.

Do you really expect regular user to use sandbox software?

I agree, ordinary users most likely would not want to use a sandboxed environment or virtualization that is why assuming that it can prevent any form of malicious attack would not be very viable. Imho.

[lovesmayfamilis]

Namely, what I would like to focus on is mastering Linux systems. The Internet describes many advantages of working with such systems, I think everyone who is interested will be able to find a lot of information on their own.

If we ought to think that Linux systems are far more safer than Windows systems, then I suppose we are mistaken here since most malicious payloads are often conveniently developed on such environment. I guess its safe to say that no systems are 100 percent safe or secure until now. Imho.

I respect your opinion, but you may be too biased towards Linux systems.
One of the hallmarks of Linux is its open-source code. And that is what makes these systems safe. Anyone can look at this code and make sure that there are no secret moves or bugs in it.
Another advantage is that Linux has a lot of distributions. Nobody will write viruses for every system. On the contrary, according to NetMarketShare, 88% of all computers run under the Windows operating system. You can guess for which systems different viruses are most often written.

And yes, I am with all my hands for what you say. It is never worth counting on complete safety with this or that system.
The main thing is your own attention and accuracy when working with your data.

[AakZaki]

Quite interesting with some of the applications and ant-phishing extensions that you find. But the choice of anti-phishing applications and extensions such as this also has the risk of getting a similar fake application. There are several cloning applications that are created to spread phishing addresses. want to be safer, but instead become a victim of phishing.

Actually now websites like Mozilla and Chrome already have default warnings about suspicious websites that will threaten your device. But if you really want to use a third-party application or extension, you must choose the right and original application. make sure the application or extension is recommended.