Serious Discussion Antivirus vs. Common Sense — What Really Keeps You Safe in 2025?

Is Antivirus Still Necessary in 2025, or Just Fear-Based Marketing?

  • Absolutely! A good antivirus is essential

  • Only for non-techy people

  • Microsoft Defender is enough

  • Antivirus is overrated

  • AV companies push fear to stay relevant


If I created one now and spread the links here on MT, none of the products would react. It's only a question of how long it will take security companies to say "oh look! a phishing website!". And I know for a fact it takes them a lot of time before they start blocking the site.
Hmm maybe sometime we can actually experiment with that… if anyone can suggest free hosting where we can put the creation 🤔
 
McAfee WebAdvisor and Symantec browser protection detected many more phishing websites than Kaspersky with safe browsing, scan of encrypted connections, and its extension enabled on Edge.
I still think most security companies still rely on people actually reporting the phishing instead of them capturing it themselves. 🤷‍♂️

At my workplace, we use Microsoft 365 and IT said we should report any spam/phishing mail we get on our work e-mail address. Let's say we got a few and some employees actually visited the link despite the header saying "Be careful! This message comes outside of your organization." Something told me the phishing protection might not be as efficient as people think it is. 🤣
 
I still think most security companies still rely on people actually reporting the phishing instead of them capturing it themselves. 🤷‍♂️
No, they rely on telemetry from users, proprietary crawling, data extracted from email security solutions and third-party feeds, including but not limited to feeds from other vendors, and community lists.
Initial pre-analysis would usually flag the page. At this point it will be analysed in depth.
Trend Micro's automated page analysis usually takes around 10 minutes and Trend Micro automatically submits all untested pages that appear on your search results.

The blocklist is not the be-all end-all of blocking Phishing, it is only for performance reasons.

The reporting of SPAM is useful so next time, similar SPAM won't bypass the filtering and waste your time.

Something told me the phishing protection might not be as efficient as people think it is
Depends on the protection.
 
I still think most security companies still rely on people actually reporting the phishing instead of them capturing it themselves. 🤷‍♂️

At my workplace, we use Microsoft 365 and IT said we should report any spam/phishing mail we get on our work e-mail address. Let's say we got a few and some employees actually visited the link despite the header saying "Be careful! This message comes outside of your organization." Something told me the phishing protection might not be as efficient as people think it is. 🤣
Similar to the rating of Web of Trust.
 
The exact definition of "lack of common sense"; common sense encompasses basic knowledge; I should not drive a car without basic knowledge regarding not only driving, but also how a car works.
Yeah, but generally you have to take a driving and written test in order to get a license to drive a car, which is not required to operate a computer.
 
Yeah, but generally you have to take a driving and written test in order to get a license to drive a car, which is not required to operate a computer.
I had an ICDL certificate a long time ago
 
When it comes to REAL antivirus security:

ONLY COLD CAN ATTACK HEAT:
Meaning,

  • Only trust AVs that are signed, with verifiable developer signatures and SHA256 hashes.
    If your OS trusts it, that’s your baseline — nothing else matters, no matter the brand or hype.
  • Every AV installs a kind of microkernel driver to hook the OS kernel, whether it’s Linux, Windows, or macOS.
    That’s deep system access — if you trust the wrong AV, you’re finished before malware even shows up.
  • Never analyze on your personal OS or in a lazy VM.
    Set up a forensic environment, inspect root certificates via Device Manager, and use tracing installer tools to track EVERY registry and file operation.
    One install is all it takes to see what a so-called “clean” AV is really doing.
  • Don’t trust compressed futures clients users — that’s amateur hour.
    One AV, one controlled environment, zero shortcuts.
  • 24h+ full traffic capture is the minimum for evaluating an AV’s real behavior.
    Anyone skipping this is asking to be pwned by modern evasion techniques.
  • Core isolation and Hyper-V are a joke — abandoned by hardware vendors (INTEL and AMD), useless for real attackers.
  • Keeping sensitive info private ≠ keeping it secure. Invisibility isn’t defense — it’s just hiding.
If you’re not following official hardening docs and keeping up with NIST and MSRC guidance (for Windows users), you’re just pretending to be secure but it's an illusion:
you will find the fact here under,
 
I had an ICDL certificate a long time ago
Yeah, but just notice how many times across your posts the words “I” and “me” repeat.

We are not talking about “you” or me or @simmerskool, @Divergent here individually.

You are using yourself as a “universal unit of measurement” or as a reference. Most of the people are not like you, they don’t have your habits and they don’t care about whether or not the pdf reader (which btw nowadays is the browser mostly) is connected to the network.

Accept that everyone is not the same as you and move on.
 
Yeah, but just notice how many times across your posts the words “I” and “me” repeat.

We are not talking about “you” or me or @simmerskool, @Divergent here individually.

You are using yourself as a “universal unit of measurement” or as a reference. Most of the people are not like you, they don’t have your habits and they don’t care about whether or not the pdf reader (which btw nowadays is the browser mostly) is connected to the network.

Accept that everyone is not the same as you and move on.
I can only provide my personal experience; I have no idea about that of other members to tell.
And by the way, ICDL is not that good; it includes an MS Access module, while skipping basic cybersecurity.
 
I don’t even know what ICDL is to be honest
It is a standardized global test for basic computer skills; as it was one of the requirements for applying to scholarships, I had to take the test.
 
It is a standardized global test for basic computer skills; as it was one of the requirements for applying to scholarships, I had to take the test.
Parkinsond, you are Egyptian?
 
I often see "common sense" tips like don't install Java on your computer or disable program x's ability to run scripts and access internet. But sometimes you NEED those abilities and disabling things or not installing others is not doable.

It's a little like the best antivirus situation. It depends on your particular use case.
 
I often see "common sense" tips like don't install Java on your computer or disable program x's ability to run scripts and access internet. But sometimes you NEED those abilities and disabling things or not installing others is not doable.

It's a little like the best antivirus situation. It depends on your particular use case.
This is called reduction of attack surface area, similar to MD ASR.
The more the reduction, the less the productivity; it needs to be tailored according to every user's requirements to achieve balance between security and productivity.
 
For me I always have used an AV - Living in the real world does involve some risk, if we take no risks we will accomplish nothing. A PC system for me is a tool to accomplish what I wish it to do, I can lock it up so it's virtually unusable, or IMO can take reasonable precautions without spending half my life on PC security as in all things in life - This applies to home security as well - Reasonable precautions or paranoia can take over?
 
For me I always have used an AV - Living in the real world does involve some risk, if we take no risks we will accomplish nothing. A PC system for me is a tool to accomplish what I wish it to do, I can lock it up so it's virtually unusable, or IMO can take reasonable precautions without spending half my life on PC security as in all things in life - This applies to home security as well - Reasonable precautions or paranoia can take over?
According to individual requirements; PC for surfing some trusted websites and watching local video files, with no torrenting, downloading cracked software, online banking, or surfing deep web, why spend your money on getting a 3rd-party AV?
My PC is a second-hand, old one; the AV subscription is higher than its whole price including the second-hand LCD monitor 😐