Bitcoin Forum
November 15, 2024, 01:16:49 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Don't trust anti-viruses for your security  (Read 233 times)
libert19 (OP)
Hero Member
*****
Offline Offline

Activity: 2688
Merit: 972


View Profile WWW
July 20, 2021, 01:24:30 PM
Merited by DdmrDdmr (3), vapourminer (1)
 #1

Context: https://mobile.twitter.com/jamiebxne/status/1414972231055298560

Guy clicked on phishing link because the bitdefender showed green tick to it.
jackg
Copper Member
Legendary
*
Offline Offline

Activity: 2856
Merit: 3071


https://bit.ly/387FXHi lightning theory


View Profile
July 20, 2021, 01:41:03 PM
 #2

Don't do anything if you're too tired to read a domain name above a search engine result imo.

Free av will only pick up stuff it's seen before  in most cases (and that link didn't look like it was phishing - too many extra letters - I assume that's why the av didn't flag it).

If you don't know something well enough to type in its domain name - I think you need to do some more research on it first.
o_e_l_e_o
In memoriam
Legendary
*
Offline Offline

Activity: 2268
Merit: 18747


View Profile
July 20, 2021, 03:24:42 PM
Last edit: July 20, 2021, 04:09:25 PM by o_e_l_e_o
Merited by Welsh (6), DdmrDdmr (3), ABCbits (2), vapourminer (1), Lucius (1)
 #3

Things he did wrong:
  • Kept $50,000 on a hot wallet.
  • Used a search engine to find a link instead of bookmarking it or typing it by hand.
  • Used Google, which is known to host and promote scams.
  • Clicked on a Google ad, which are like 95% scams at this point.
  • Isn't using an ad blocker which would have blocked the scam ad.
  • Didn't read the obviously incorrect URL. (I mean, REALLY obvious - "myewetlhervwallet")
  • Didn't use a password manager which would have not entered his credentials in a website with a non-matching URL.

Not doing any one of those things would have been enough to protect him from this scam. I feel bad for him, but that's a big list of very newbie mistakes he had to make to fall victim to this.

What he (and everyone else) should be doing:
  • Use a hardware wallet or other cold storage
  • Use Firefox or Tor (and never Chrome)
  • Use DDG (and never Google)
  • Use uBlock origin
  • Use KeePass
  • Bookmarked the link
sheenshane
Legendary
*
Offline Offline

Activity: 2506
Merit: 1232



View Profile WWW
July 20, 2021, 04:21:00 PM
 #4

It's another victim just because of Google ads, shame on them, they're a big company but they can't able to filter those phishing and malicious links that who paid ads, as long as they had paid, they are free to advertise.

The victim was lack of research and was a little bit lazy because even checking and verifying the links as long as there's a green check doesn't mean it is safe in Google, using our common sense sometimes will protect us from a scam like this.  We shouldn't trust Google ads clicking on it because we know that they aren't safe at all.

The consequences of using chrome extension wallets, it's better to use hardware wallets.  The victim had been got hacked for $40,000 - $45,000 but why can't able to purchase even a small amount of hardware wallet.

█████████████████████████████████
████████▀▀█▀▀█▀▀█▀▀▀▀▀▀▀▀████████
████████▄▄█▄▄█▄▄██████████▀██████
█████░░█░░█░░█░░████████████▀████
██▀▀█▀▀█▀▀█▀▀█▀▀██████████████▀██
██▄▄█▄▄█▄▄█▄▄█▄▄█▄▄▄▄▄▄██████████
██░░█░░█░░███████████████████████
██▀▀█▀▀█▀▀███████████████████████
██▄▄█▄▄█▄▄███████████████████████
██░░█░░█░░███████████████████████
██▀▀█▀▀█▀▀██████████▄▄▄██████████
██▄▄█▄▄█▄▄███████████████████████
██░░█░░█░░███████████████████████
██████
██
██
██
██
██
██
██
██
██
██
██
██████
████████████████████████████████████████████████████████████████████████████████████████████████████████████████████
 Crypto Marketing Agency
By AB de Royse

████████████████████████████████████████████████████████████████████████████████████████████████████████████████████
██████
██
██
██
██
██
██
██
██
██
██
██
██████
██████
██
██
██
██
██
██
██
██
██
██
██
██████
██████████████████████████████████████████████████████████████████████████████████████████████████
WIN $50 FREE RAFFLE
Community Giveaway

██████████████████████████████████████████████████████████████████████████████████████████████████
██████
██
██
██
██
██
██
██
██
██
██
██
██████
████████████████████████
██
██████████████████████
██████████████████▀▀████
██████████████▀▀░░░░████
██████████▀▀░░░▄▀░░▐████
██████▀▀░░░░▄█▀░░░░█████
████▄▄░░░▄██▀░░░░░▐█████
████████░█▀░░░░░░░██████
████████▌▐░░▄░░░░▐██████
█████████░▄███▄░░███████
████████████████████████
████████████████████████
████████████████████████
BitMaxz
Legendary
*
Offline Offline

Activity: 3444
Merit: 3173


Playbet.io - Crypto Casino and Sportsbook


View Profile WWW
July 20, 2021, 05:20:43 PM
 #5

The big mistake here was he didn't notice the domain or URL of the website why would he blame antivirus for his mistake.

Look at the details of the domain

Code:
Domain:myewetlhervwallet.com
Registrar:NameCheap, Inc.
Registered On:2021-05-08
Expires On:2022-05-08
Updated On:2021-05-08
Status:clientTransferProhibited
Name Servers:dns1.namecheaphosting.com
dns2.namecheaphosting.com

The domain is pretty new that's a 2 month's old website so I think the antivirus only puts a red flag on the website if they only receive reports but since the domain is newly registered and no one reported it yet they shows a green flag.

I hope that man learns from his mistake, always check the domain URL before you log in.

Actually, google also has a mistake here in accepting fake websites they should manually review websites before they release it to the public as ads.
I'm sure those people who made the phishing site abusing the Google ads weakness they also giving free ads credit for new advertisers.

███████████████
█████████████████████
██████▄▄███████████████
██████▐████▄▄████████████
██████▐██▀▀▀██▄▄█████████
████████▌█████▀██▄▄██████
██████████████████▌█████
█████████████▀▄██▀▀██████
██████▐██▄▄█▌███████████
██████▐████▀█████████████
██████▀▀███████████████
█████████████████████
███████████████

.... ..Playbet.io..Casino & Sportsbook.....Grab up to  BTC + 800 Free Spins........
████████████████████████████████████████
██████████████████████████████████████████████
██████▄▄████████████████████████████████████████
██████▐████▄▄█████████████████████████████████████
██████▐██▀▀▀██▄▄██████████████████████████████████
████████▌█████▀██▄▄█████▄███▄███▄███▄█████████████
██████████████████▌████▀░░██▌██▄▄▄██████████████
█████████████▀▄██▀▀█████▄░░██▌██▄░░▄▄████▄███████
██████▐██▄▄█▌██████████▀███▀███▀███▀███▀█████████
██████▐████▀██████████████████████████████████████
██████▀▀████████████████████████████████████████
██████████████████████████████████████████████
████████████████████████████████████████
o_e_l_e_o
In memoriam
Legendary
*
Offline Offline

Activity: 2268
Merit: 18747


View Profile
July 20, 2021, 07:09:46 PM
 #6

they're a big company but they can't able to filter those phishing and malicious links that who paid ads
Actually, google also has a mistake here in accepting fake websites they should manually review websites before they release it to the public as ads.
Google don't care. You think a multi-billion dollar company like Google can't hire a couple of people on minimum wage to check the authenticity of ads which are submitted? Of course they could, they just don't care. Google are not your friend. They don't care about you, your data, your coins, your privacy, your security, your computer, your phone, your life, anything. They care about money. If a scammer is willing to pay money to advertise their scam, Google are quite happy to accept. If a scammer is willing to pay money to have their malware infected app listed on the Play Store, Google are quite happy to accept. As long as they make a profit, they don't care in the slightest if people lose their life savings to a scam ad they are showing.

This has been going on for years. Google have proven time and time again they are quite happy for users to have their lives ruined as long as they keep making those sweet, sweet profits. Still using Google products or trusting Google with anything is pretty much Stockholm Syndrome as this point.
hatshepsut93
Legendary
*
Offline Offline

Activity: 3038
Merit: 2161


View Profile
July 20, 2021, 09:06:56 PM
 #7

This is fundamentally stupid, because these antiviruses just match an url in their database and conclude that if it wasn't yet reported as a scam, than it is not a scam. So first dozens of people who rely on this are guaranteed to get scammed if they trust their antivirus and don't take any measures. Antiviruses are handling malware in similar way - if it hasn't been reported as a malware yet, it would have a higher chance of remaining undetected.
Saidasun
Sr. Member
****
Offline Offline

Activity: 334
Merit: 275


View Profile
July 20, 2021, 10:01:47 PM
 #8

This is fundamentally stupid, because these antiviruses just match an url in their database and conclude that if it wasn't yet reported as a scam, than it is not a scam. So first dozens of people who rely on this are guaranteed to get scammed if they trust their antivirus and don't take any measures. Antiviruses are handling malware in similar way - if it hasn't been reported as a malware yet, it would have a higher chance of remaining undetected.
They false flag anything that has not got an author assigned to it. If you are using Windows and start an exe or msi to install something it will usually say "from firefox" or from "Google" but if your application has not got that or if the developer forgot to add it they automatically flag it as a threat. I have had this happen so many times with github programs and its frustrating.
mk4
Legendary
*
Offline Offline

Activity: 2926
Merit: 3881


📟 t3rminal.xyz


View Profile WWW
July 21, 2021, 01:32:50 AM
 #9

Using some anti-virus or not, that's a very very amateur mistake to make. I mean, clicking Google ads and not having uBlock Origin installed on your browser in the first place in freakin 2021?

» t3rminal.xyz «
Telegram Alert Bots for Traders
dkbit98
Legendary
*
Offline Offline

Activity: 2422
Merit: 7577



View Profile WWW
July 21, 2021, 08:55:02 AM
 #10

Most antivirus software are junk that just waste resources of your computer and doing nothing much to protect you from threats, or they have a bunch of false alerts  
On top of that, nothing can protect you from phishing and fake websites that pop-up all the time like mushrooms, and most mistakes are done by human errors.
Having Malwarebytes installed and doing periodic scans is not a bad idea, but I would not use the same computer for general stuff, internet and for holding Bitcoin and other cryptocurrencies.
Some basic protection is to use offline computer or hardware wallet for your crypto, switch to DuckDuckGo or BraveSearch for internet search and use adblockers to remove ads from websites.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
pilosopotasyo
Member
**
Offline Offline

Activity: 952
Merit: 27


View Profile
July 21, 2021, 10:31:06 AM
 #11

I'm surprised for a guy with $50k coins on his wallet but is not aware of the many tricks scammers and hackers are doing and even uses a search engine to get into MyEtherwallet which is the most used wallet by hackers to phished if you are going to invest or keep a huge amount of money learn how to protect yourself and your wallet first before thinking of building your portfolio, ignorance of how scammers work excuses no one, the blame is on the guy for neglecting how to protect and secure his wallet.

BACK FROM A LONG VACATION
Lucius
Legendary
*
Offline Offline

Activity: 3430
Merit: 6151


Crypto Swap Exchange🈺


View Profile WWW
July 21, 2021, 12:37:18 PM
 #12

I'm surprised for a guy with $50k coins on his wallet but is not aware of the many tricks scammers and hackers are doing...

He could have millions of $ in his crypto wallet, but that doesn’t mean he’s intelligent enough to figure out how to handle his digital assets. It is completely wrong to link someone's wealth and intelligence, because there are a lot of stupid people who are very rich, but have never earned anything in life - inheritance can be a great curse for some people.



I mean, clicking Google ads and not having uBlock Origin installed on your browser in the first place in freakin 2021?

Does one wonder what young people learn in school in computer science classes? If they play games and just surf the internet, and everything important could be presented to them in less than 60 minutes. I often meet people who complain to me that their computer is slow and that some strange things are happening to them - and this is no surprise because they have no protection and have never heard of malware or adware in their lives. It may just seem that way to me, but people seem to be getting dumber - and the only ones happy about it are hackers - easy money everywhere.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
mk4
Legendary
*
Offline Offline

Activity: 2926
Merit: 3881


📟 t3rminal.xyz


View Profile WWW
July 21, 2021, 01:03:35 PM
 #13

Does one wonder what young people learn in school in computer science classes? If they play games and just surf the internet, and everything important could be presented to them in less than 60 minutes. I often meet people who complain to me that their computer is slow and that some strange things are happening to them - and this is no surprise because they have no protection and have never heard of malware or adware in their lives. It may just seem that way to me, but people seem to be getting dumber - and the only ones happy about it are hackers - easy money everywhere.

I assume it's the typical Microsoft Office stuff and creating basic html pages; which I definitely think should be changed in some way. And yea, I've always been an advocate in heavily prioritizing internet security in computer-related subjects, and should be taught as early as probably 5th grade.

» t3rminal.xyz «
Telegram Alert Bots for Traders
Ucy
Sr. Member
****
Offline Offline

Activity: 2688
Merit: 403


Compare rates on different exchanges & swap.


View Profile
July 22, 2021, 02:45:30 PM
 #14

Context: https://mobile.twitter.com/jamiebxne/status/1414972231055298560

Guy clicked on phishing link because the bitdefender showed green tick to it.

How is that possible... I mean a phishing site getting a green tick? Guess the site would be very close to the real one in similarity to be missed by a human or AI/bots who probably gave the green tick.
Anyway, it's important to always double check and not just completely put your trust in things like that
 

████████████████████                                                    OrangeFren.com                                                ████████████████████
instant KYC-free exchange comparison
████████████████████     Clearnet and onion available #kycfree + (prepaid Visa & Mastercard)     ████████████████████
mk4
Legendary
*
Offline Offline

Activity: 2926
Merit: 3881


📟 t3rminal.xyz


View Profile WWW
July 22, 2021, 05:59:20 PM
 #15

How is that possible... I mean a phishing site getting a green tick? Guess the site would be very close to the real one in similarity to be missed by a human or AI/bots who probably gave the green tick.
Anyway, it's important to always double check and not just completely put your trust in things like that

I assume it got a green tick not because BitDefender thinks it's legit, but simply because BitDefender didn't detect the scam website to be in a sort of scam database. It's just the logical reason I could think of.

» t3rminal.xyz «
Telegram Alert Bots for Traders
sandymandy
Newbie
*
Offline Offline

Activity: 30
Merit: 0


View Profile
October 06, 2021, 10:24:05 PM
 #16

So then what can i trust to keep me protected?
boyptc
Hero Member
*****
Offline Offline

Activity: 3192
Merit: 685

~!BTC to $100k!~


View Profile
October 09, 2021, 09:14:39 PM
 #17

So then what can i trust to keep me protected?
Trust yourself and your browsing experience and attitude. You have to be careful as you browse the web despite having the anti-viruses.

There are malware that they can't detect but there are those that can detect it.

▄▄███████████████████▄▄
▄█████████▀█████████████▄
███████████▄▐▀▄██████████
███████▀▀███████▀▀███████
██████▀███▄▄████████████
█████████▐█████████▐█████
█████████▐█████████▐█████
██████████▀███▀███▄██████
████████████████▄▄███████
███████████▄▄▄███████████
█████████████████████████
▀█████▄▄████████████████▀
▀▀███████████████████▀▀
Peach
BTC bitcoin
Buy and Sell
Bitcoin P2P
.
.
▄▄███████▄▄
▄████████
██████▄
▄██
█████████████████▄
▄███████
██████████████▄
███████████████████████
█████████████████████████
████████████████████████
█████████████████████████
▀███████████████████████▀
▀█████████████████████▀
▀██████████████████▀
▀███████████████▀
▀▀███████▀▀

▀▀▀▀███▀▀▀▀
EUROPE | AFRICA
LATIN AMERICA
▄▀▀▀











▀▄▄▄


███████▄█
███████▀
██▄▄▄▄▄░▄▄▄▄▄
████████████▀
▐███████████▌
▐███████████▌
████████████▄
██████████████
███▀███▀▀███▀
.
Download on the
App Store
▀▀▀▄











▄▄▄▀
▄▀▀▀











▀▄▄▄


▄██▄
██████▄
█████████▄
████████████▄
███████████████
████████████▀
█████████▀
██████▀
▀██▀
.
GET IT ON
Google Play
▀▀▀▄











▄▄▄▀
DeathAngel
Legendary
*
Offline Offline

Activity: 3304
Merit: 1617


#1 VIP Crypto Casino


View Profile
October 11, 2021, 11:42:06 AM
 #18

Yeah I totally agree with the OP, I am my own anti virus. This sounds a little bit like trusting the novel covid vaccine to be good for you. I’d rather trust myself to be honest, I can manage my own computer. I don’t visit any bogus websites or download any shady files.

I do have Windows Defender running in the background admittedly but I disabled Mcafee antivirus.

█████████████████████████
███████████▄█████████████
██████▀░▀█▀░▀█▀░▀████████
███████▄███▄███▄█████████
████▀██▀██▀░▀████▀░▀█████
███████████░███▀██▄██████
████▀██▀██░░░█░░░████████
███████████░███▄█▀░▀█████
████▀██▀██▄░▄███▄░░░▄████
███████▀███▀███▀██▄██████
██████▄░▄█▄░▄█▄░▄████████
███████████▀█████████████
█████████████████████████
 
.Bitcasino.io.
 
.BTC  ✦  Where winners play  BTC.
.
..
.
    ..





████
████
░░▄████▄████████████▄███▄▄
░███████▄██▄▄▄▄▄▄█████████▄
███████████████████████████
▀████████████████████████▀
░░▀▀████████████████████
██████████████████▄█████████
██
▐███████▀███████▀██▄██████
███████▄██▄█▀████▀████████
░░██████▀▀▀▄▄▄████▀▀████
██▐██████████▀███▀█████████████    ████
███
████████████
███████████████    ████
█████▀████████████████▀
███████▀▀▀█████████▀▀
..
....
 
 ..✦ Play now... 
.
..
QuickAccount
Member
**
Offline Offline

Activity: 189
Merit: 52

In a world of coins, use them.


View Profile
October 11, 2021, 07:06:16 PM
Merited by libert19 (1)
 #19

Context: https://mobile.twitter.com/jamiebxne/status/1414972231055298560

Guy clicked on phishing link because the bitdefender showed green tick to it.

Its not just phishing thats an issue for anti viruses, most anti viruses scan your device to see if anything on it matches something that it has seen before, almost all antiviruses do this. Any new malware made from scratch will not be detected. Anyone over the age of 12 could look up how to make malware, and within 10 minutes make a keylogger that is undetected by malwarebytes, bitdefender, Windows Defender, the like. An antivirus isnt needed unless you love downloading random garbage and clicking every link you see.

Not your keys, not your coins.
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!