Q&A Online Banking and shopping Security By Emsisoft?

Captain Awesome

Level 21
MH Trial
Verified
Joined
May 7, 2016
Messages
1,020
OS
Windows 10
Antivirus
Avast
#1
I have a question about Emsisoft Antimalware regarding Online banking and shopping security.Is it safe to use it when online banking? Because it has no Firewall in EAM.:unsure:
 

Atlas147

Level 29
Verified
Joined
Jul 28, 2014
Messages
1,882
OS
Windows 10
Antivirus
Kaspersky
#2
Don't really think having a firewall protects your online banking and shopping. I would think that having a web shield is the most important thing to prevent phishing from fraudulent websites pretending to be your bank or your favorite online shop. On top of that windows already has a firewall preinstalled which is pretty decent
 

Purshu_Pro

Level 29
Verified
Joined
Aug 3, 2013
Messages
1,850
OS
Windows 10
Antivirus
Emsisoft
#4
Yes absolutely. Your computer OS is built with default Firewall which should perform the same and better than 3rd party applications in some scenarios. But I suggest to follow these steps while banking.
  • Try to browse in private while banking.
  • Dont use any kind of extensions while banking, not even 3rd party security products and extension.
  • Use the latest version of browser.
  • Make use of the virtual keyboard that is available on the banking site for better keylogging security.
You cant expect any products protecting against banking exploits, so my suggestion is dont try speed up things while banking.
 

Lockdown

From AppGuard
Developer
Verified
Joined
Oct 24, 2016
Messages
3,533
#5
@Umbra will explain to you that there are many ways for online banking to be compromised. Sorry, but no internet security suite is going to protect you against them all - especially when the hackers compromise the banking systems, ATMs, and 3rd party systems themselves. We've tried repeatedly to educate you guys about these things, but it seems nobody listens.

@Umbra will explain what protection EAM provides on your local system. You should be doing online financial transactions only on a trusted network. That means at home behind a NAT router that has not been compromised, is free of reported vulnerabilities and has its firmware updated.

When it comes to online financial transactions you cannot rely upon technology alone. You, the user, have to be observant. You should have two factor authentication and other anti-fraud measures in-place and use them. The single most important factor being a dedicated on-line checking account that is disconnected from all your other bank and financial accounts - and is funded ahead of time by you only when specific online purchases are made. If you cannot figure out what I mean by that, and you are only using a connected account then you're at high risk of online loss.

@Umbra will tell you more.
 
Last edited:

Umbra

Level 85
Content Creator
Verified
Joined
May 16, 2011
Messages
18,234
OS
Windows 10
Antivirus
Default-Deny
#6
I have a question about Emsisoft Antimalware regarding Online banking and shopping security.Is it safe to use it when online banking? Because it has no Firewall in EAM.:unsure:
Was replied by

@Umbra will explain to you that there are many ways for online banking to be compromised. Sorry, but no internet security suite is going to protect you against them all - especially when the hackers compromise the banking systems, ATMs, and 3rd party systems themselves. We've tried repeatedly to educate you about these things, but it seems nobody listens.

@Umbra will explain what protection EAM provides on your local system. You should be doing online financial transactions only on a trusted network. That means at home behind a NAT router that has not been compromised, is free of reported vulnerabilities and has its firmware updated.

When it comes to online financial transactions you cannot rely upon technology alone. You, the user, have to be observant. You should have two factor authentication and other anti-fraud measures in-place and use them. The single most important factor being a dedicated on-line checking account that is disconnected from all your other bank and financial accounts - and is funded only when specific online purchases are made. If cannot figure out what I mean by that, then you're at high risk of online loss.

@Umbra will tell you more.
Which i totally agree with.

and i will add:

Basically online banking/shopping safety isn't just about few tools you use on your machine, its depend of:

1- your surfing habits and awareness of the risks.
2- the legitimacy of the routing between the computer and the site (aka Man In The Middle). I use an old software to check it (SSLeye).
3- the security implemented by the site you are visiting.

final note: "You can't control what you can't have access to."
 

Lockdown

From AppGuard
Developer
Verified
Joined
Oct 24, 2016
Messages
3,533
#7
Was replied by



Which i totally agree with.

and i will add:

Basically online banking/shopping safety isn't just about few tools you use on your machine, its depend of:

1- your surfing habits and awareness of the risks.
2- the legitimacy of the routing between the computer and the site (aka Man In The Middle). I use an old software to check it (SSLeye).
3- the security implemented by the site you are visiting.

final note: "You can't control what you can't have access to."
I only jumped in and replied because the initial focus in the thread was fixated upon web content filtering (anti-phishing, which I know is not a real high priority since you guys block domains). Fabian has stated that phishing site blocking is not a priority objective in the Surf Protection module. That was a few years back.

They mistakenly over-emphasize web content blocking - not knowing that most phishing and other re-direct\malicious sites are taken down within a matter of hours (24-48) - generally faster than the URL is typically reported and added to any content blocking list.
 
Last edited:
Joined
Dec 10, 2016
Messages
33
Antivirus
Bitdefender
#9
Was replied by



Which i totally agree with.

and i will add:

Basically online banking/shopping safety isn't just about few tools you use on your machine, its depend of:

1- your surfing habits and awareness of the risks.
2- the legitimacy of the routing between the computer and the site (aka Man In The Middle). I use an old software to check it (SSLeye).
3- the security implemented by the site you are visiting.

final note: "You can't control what you can't have access to."
what about tools like safepay in bitdefender internet security , it is isolated environment has virtual keyboard and no extensions .
 

Lockdown

From AppGuard
Developer
Verified
Joined
Oct 24, 2016
Messages
3,533
#10
what about tools like safepay in bitdefender internet security , it is isolated environment has virtual keyboard and no extensions .
It is the same; it will only protect against attacks made on your local system. It cannot protect against attacks made via the banking system. Your security doesn't cover that system.

You still have to be observant as the user. Phishing can still happen using an isolated environment. I don't think the VPN is automatic when you use the Safe Pay - which is to prevent Man in the Middle. However, there are multiple ways to Man in the Middle with one of them being on the banking system side. MitM isn't a single type of attack.

It's not your fault that the vendors do not explain all this stuff.

Once again it all goes back to the saying, "There is no substitute for user knowledge and experience." Most users have no idea what they are using, how to use it, and general security matters and concepts.

The current user knowlegebase is a pathetic state of affairs. It's not their fault because no one is teaching them.
 
Last edited:

DeepWeb

Level 15
Verified
Joined
Jul 1, 2017
Messages
704
OS
Windows 10
Antivirus
Emsisoft
#11
It increases your security by not injecting itself into your HTTPS sessions or rerouting it to decrypt with their own certificates like other antiviruses (Kaspersky, McAfee, Norton, oh so so many). What are these AV vendors smoking that they think it would be more secure if they do that?
 
Joined
Sep 20, 2012
Messages
59
OS
Windows 10
Antivirus
Emsisoft
#12
Totally agree @DeepWeb
Some years ago my parents PC ran Bitdefender. My dad was banking and he tries to check as much as he can. I told him some things to be aware off.
He mentioned that the browser reported a green lock in the browser but the certificate was not from the bank but from Bitdefender.
In the end we know where it came from. After the license expired I bought them a Emsisoft license.
 
T

TrinitronMSDOS

Guest
#13
Emsisoft is an anti-malware, so it will protect your banking transactions as it will block phishing websites and detect most malwares that could compromise your banking security (keylogger, spyware, etc...). The firewall has nothing to do with protecting your banking informations.

They do not offer a dedicated "banking protection" module, such as Bitdefender or Eset for example, but that's actually a good thing. Honestly the "banking protection" other AVs are talking about is a marketing scheme and kind of useless. Actually being redirected to another in house browser when connecting to your bank is not necessarily a good thing. What if you rely on your password manager to enter your infos for example ? You'd have to enter those manually each time. Also i have more trust in a good reputable browser than a proprietary one.

Anyway that's just my opinion...
 

Nightwalker

Level 11
Verified
Joined
May 26, 2014
Messages
507
OS
Windows 10
#14
Emsisoft does protect against banking malware and frauds, its behavior blocker can simple block code injection and related malware activity.



I only jumped in and replied because the initial focus in the thread was fixated upon web content filtering (anti-phishing, which I know is not a real high priority since you guys block domains). Fabian has stated that phishing site blocking is not a priority objective in the Surf Protection module. That was a few years back.

They mistakenly over-emphasize web content blocking - not knowing that most phishing and other re-direct\malicious sites are taken down within a matter of hours (24-48) - generally faster than the URL is typically reported and added to any content blocking list.
That has changed, Surf Protection is much better against phishing sites now and it is something that Emsisoft is always looking to improve:



2017 in Review: Ransomware threats and evolving protection