
Hello, I would like to bring attention to a recent increase in people's computers being compromised. Mine was compromised yesterday morning, and someone managed to empty my PayPal account.

If you have ever encountered this, or are paranoid about this happening to you, please continue reading and I will show you my ways of safe browsing.

Most of these tips I am sharing will help you. If you want more security then I recommend using Tor.

Now let's start!

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

So you think you got a RAT in your computer. What do you do now? Well, first run virus scans using Malwarebytes and Bitdefender, and find a rootkit scanner online. I recommend using TDSSKiller and aswMBR.

So you got no results of anything! Congratulations! But what if in the near future you think you downloaded a RAT?

Well first off if you use Firefox you should use this addon. https://addons.mozilla.org/en-US/firefox/addon/master-password/ (Chrome: https://chrome.google.com/webstore/detail/set-password-for-your-bro/cjmjgijhapgicbhmniemjkjeaedanank?hl=en)

It locks down your browser after a certain amount of time. You need to log back into it using a master password. You can also have hotkeys to quickly lock the browser if you have to go away for a few minutes. You can also set the times in the settings for when to lock your browser, in the event of you forgetting to use the hotkey.

[Image: Firefox browser locked with master-password]

 

I never recommend using Internet Explorer or Microsoft Edge. Why? No Extension Support, Barely any interface customization options, The Missing Address Bar, No user profiles, Right-click search with default search engine, not Bing.

Now the rest is mostly just two addons I recommend getting for your browser that help.

Addon #1: Ghostery - www.ghostery.com

Addon #2: NoScript - https://noscript.net/

Ghostery tells you what trackers the website is using, and gives you an option to block those trackers.

NoScript allows executable web content based on JavaScript, Java, Flash, Silverlight, and other plugins only if the site hosting it is considered trusted by its user and has been previously added to a whitelist. NoScript also offers specific countermeasures against security exploits.

If you have any questions please include them in the thread.


the best antivirus is you, keep that in mind...

 

totally not a virus.exe is something you shouldn't download, and uBlock Origin is a must need

 

 

personally, if i suspect there to be a virus on my PC i would just DBAN everything and pray it's gone.


8 minutes ago, VinZie said:

I never recommend using Internet Explorer or Microsoft Edge. Why? No Extension Support, Barely any interface customization options, The Missing Address Bar, No user profiles, Right-click search with default search engine, not Bing

Half of those things have nothing to do with security if we're honest, and Edge does support extensions. 

The ability to google properly is a skill of its own. 


There's... a lot of bad advice in your post.

 

If you've been infected with or think you've been infected with a RAT, reinstall your OS. Period.

An extension "browser lock" isn't going to prevent them from getting your data -- trivial to bypass at best; delete extension's files from Chrome's files. Also... it's a RAT. They can (in most cases) prevent you from controlling your PC and do whatever they want, or just do it when you step away for 30 seconds.

Ghostery has been known to collect data -- it's opt-in, but it's a privacy software... c'mon.

Install an adblock (uBlock Origin); also run a pi-hole if possible (requires a Raspberry Pi but you're clearly going to extra lengths to be "secure").

Use a password manager that logs you out after a few minutes of inactivity.

Require 2FA on every service that supports it - no exceptions.

 

Edge does have extension support. Google Chrome doesn't have a very customizable UI - poor arguments against Edge.

uMatrix (can and will, unless configured otherwise) block Javascript. That's very poor advice for people who need a guide like this.

 

Edit: Also, using Tor will not magically make you more secure -- especially if you don't know what you're doing; in that case it could easily make you less secure.


It's very difficult to get something on your machine.

 

The bulk of the responsibility falls (and should fall) on the user to know what they are doing. The OS and any anti virus programs are there as a failsafe, not a 1st line of defense. 

 

On my Mac all I use is Safari and an ad blocker. 

On my Desktop PC I use Chrome, an ad blocker, and Windows Defender. 

 

The only addition to that is the human brain to get out of traps with cmd+opt+esc (or activity monitor) on the Mac to stop anything and everything from doing anything and Task Manager to do the same on Windows. 

 

Rule 1 of the internet, don't go looking for trouble online, because you will find it if it doesn't find you first. 

 


Being a considerate and responsible internet user helps a lot, you know? Besides that, having proper antivirus software and perhaps an adblocker (mostly to block those ads that pose a threat to your devices) might just be your airbags and seatbelt (to use a car as a metaphor). Using good passwords is recommended; don't use predictable ones or the same ones on all your services, you know?


6 minutes ago, DrMacintosh said:

It's very difficult to get something on your machine.

 

The bulk of the responsibility falls (and should fall) on the user to know what they are doing. The OS and any anti virus programs are there as a failsafe, not a 1st line of defense. 

 

On my Mac all I use is Safari and an ad blocker. 

On my Desktop PC I use Chrome, an ad blocker, and Windows Defender. 

 

The only addition to that is the human brain to get out of traps with cmd+opt+esc (or activity monitor) on the Mac to stop anything and everything from doing anything and Task Manager to do the same on Windows. 

 

Rule 1 of the internet, don't go looking for trouble online, because you will find it if it doesn't find you first. 

 

I am actually conducting tests with these methods on a VM. I don't know fully if there are any risks using a VM and downloading fake game hacks, etc. I will be using a VPN though, and I will be recording it. Let's see how difficult it is.
