Advice Request Webroot does not open secured browser for banking

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.

Ocotillo

New Member
Thread author
Mar 13, 2016
1
Why doesn't Webroot open a new/separate secured browser window for banking and other financial transactions like most other malware solutions such as ESET, Kaspersky and Avast?
I hate these separate and often troublesome secured windows (so does my non-tech wife) and is a major reason I left ESET and went to Webroot. I'm wondering though how does Webroot protect financial transactions without having to open a separate, secured browser window and all the other AV's (it seems) require a new secured window?
 
  • Like
Reactions: PauloXBR

TheTRUTH

Level 1
Verified
Feb 10, 2013
39
I used webroot for few months, did test with zemana antikeylogger, when you type anything in browser that things convert into plain hash tag by webroot. SO your financial keystroke secure.
 
  • Like
Reactions: OokamiCreed

Morvotron

Level 7
Verified
Mar 24, 2015
307
Pretty sure it uses some kind of extension (probably hidden, just in case check the extensions/plug-ins list) on the browser. If it doesn't have any, then it should be as @TheTRUTH mentions, some SSL protection.
 
  • Like
Reactions: OokamiCreed
H

hjlbx

Why doesn't Webroot open a new/separate secured browser window for banking and other financial transactions like most other malware solutions such as ESET, Kaspersky and Avast?
I hate these separate and often troublesome secured windows (so does my non-tech wife) and is a major reason I left ESET and went to Webroot. I'm wondering though how does Webroot protect financial transactions without having to open a separate, secured browser window and all the other AV's (it seems) require a new secured window?

Webroot only protects supported browsers against keylogging; Internet Explorer, Chrome, Firefox (they might have added others). Webroot does NOT provide system-wide anti-keylogging protection.

They don't explicitly explain this fact - so a lot of users are confused and disappointed when they test Webroot against keyloggers. Webroot could avoid most of this by explaining more clearly how their protections actually work. I asked them to do so, but was told that if they gave even basic explanations then it would expose attack vectors. Whatever...

Anyhow, Webroot "sandboxes" the browser and prevents access to user data. The sandboxing is a policy-based one and does not use virtualization. I think Kaspersky, Bitdefender, ESET, etc open a secure browser as a visual indicator for the convenience of the user. All of the ones that use a separate browser seem to perform a number of system checks - like OS vulnerabilities, infection - or make use of virtual keyboard, keystroke encryption driver, SSL\networking, etc. Each one is a slight variation on the other.

As always, it is difficult to determine what exactly Webroot does, but it has performed pretty well in MRG's online banking tests.

I wish I had more infos that would help others understand how Webroot works at a basic level. Others here have tried to get infos over the years regarding Webroot functionality, but Webroot just doesn't want to explain much. They just expect users to accept "We assure you that everything works as intended" - which to me - is not very reassuring. It is frustrating.

So don't get the wrong impression. Webroot's browser protections for financial transactions are evidently quite good.
 
Last edited by a moderator:
  • Like
Reactions: milas

milas

Level 2
Verified
Mar 1, 2016
50
May I add this information here about the Webroot Thanks @hjlbx for that great reply. I wouldn't be able to go that much in depth. Much appreciated. But below tells consumers this. I can't give you the details of what you are asking. But I do not worry about banking while using Webroot. Please let me know if I am out of line explaining this as written, Thanks

The Identity Shield protects all the details you share with an internet bank. It protects
information like login details, passwords, account numbers, credit card details and
personal information such as addresses, dates of birth etc. It also adds a second layer of
protection against highly targeted banking and information stealing Trojans to ensure your
identity and online activities are fully secure.
Webroot SecureAnywhere protects you in these ways:
• Identifies if a website you visit is the genuine site making sure it’s not a false
banking (phishing) site
• Ensures your login information is only entered into the website it’s intended
for
• Protects your personal information, even if there’s already unidentified
malicious software on your PC
• Automatically protects your web browser, cookies and saved website data
• Prevents browser attacks from keyloggers and screengrabbers that try to
peer into your banking activity
• Protects clipboard data from theft and stops URL grabbing attacks
• Blocks browser modification attempts and any suspicious access to browser
windows

Managing protected applications

http://www.webroot.com/En_US/SecureAnywhere/PC/WSA_PC_Help.htm#C6_IDProtection/CH6c_ManagingProtecte..
 
H

hjlbx

• Ensures your login information is only entered into the website it’s intended for

This is accomplished by using the Password Manager in Internet Security Complete - but that fact isn't explained in the Webroot literature.
 
  • Like
Reactions: milas

milas

Level 2
Verified
Mar 1, 2016
50
• Ensures your login information is only entered into the website it’s intended for

This is accomplished by using the Password Manager in Internet Security Complete - but that fact isn't explained in the Webroot literature.

Yes, True there should be more literature. But even with Webroot AV you are protected...aren't you just with the Webshields? Am i wrong about that?
 
H

hjlbx

Yes, True there should be more literature. But even with Webroot AV you are protected...aren't you just with the Webshields? Am i wrong about that?

Only IS+ and IS Complete include the password manager; AV doesn't include password manager.
 

milas

Level 2
Verified
Mar 1, 2016
50
Only IS+ and IS Complete include the password manager; AV doesn't include password manager.

Well I realize that WSA AV doesn't have PWM. But I thought one would still be protected when online and using online banking just by having the Identity Protection. So are you saying you have to have PWM to be protected online? Am I missing something here?
 
H

hjlbx

Well I realize that WSA AV doesn't have PWM. But I thought one would still be protected when online and using online banking just by having the Identity Protection. So are you saying you have to have PWM to be protected online? Am I missing something here?

Sorry. I didn't explain clearly.

Yes. AV, IS+ and ISC provide all the same web protections, except AV doesn't ensure your login information is only entered into the website its intended for since it doesn't have the password manager.

That's OK - as the user can always use a freeware password manager like LastPass with AV and get the same, identical protection as IS+ or ISC.

Webroot literature doesn't explain this; the literature could be more helpful.

I suppose I shouldn't be too hard on Webroot since, with the exception of Kaspersky and ESET, most security soft vendors do a rather poor job of explaining a lot of things that the typical user would never even think about.
 
  • Like
Reactions: safe1st and milas

Azure

Level 28
Verified
Top Poster
Content Creator
Oct 23, 2014
1,712
May I add this information here about the Webroot Thanks @hjlbx for that great reply. I wouldn't be able to go that much in depth. Much appreciated. But below tells consumers this. I can't give you the details of what you are asking. But I do not worry about banking while using Webroot. Please let me know if I am out of line explaining this as written, Thanks

The Identity Shield protects all the details you share with an internet bank. It protects
information like login details, passwords, account numbers, credit card details and
personal information such as addresses, dates of birth etc. It also adds a second layer of
protection against highly targeted banking and information stealing Trojans to ensure your
identity and online activities are fully secure.
Webroot SecureAnywhere protects you in these ways:
• Identifies if a website you visit is the genuine site making sure it’s not a false
banking (phishing) site
• Ensures your login information is only entered into the website it’s intended
for
• Protects your personal information, even if there’s already unidentified
malicious software on your PC
• Automatically protects your web browser, cookies and saved website data
• Prevents browser attacks from keyloggers and screengrabbers that try to
peer into your banking activity
Protects clipboard data from theft and stops URL grabbing attacks
• Blocks browser modification attempts and any suspicious access to browser
windows

Managing protected applications

http://www.webroot.com/En_US/SecureAnywhere/PC/WSA_PC_Help.htm#C6_IDProtection/CH6c_ManagingProtecte..
"Protects clipboard data from theft and stops URL grabbing attacks"
This one doesn't seem completely compatible with Windows 10. I used both Zemana and Spyshelter test tools, and in both cases Webroot identity shield failed protect the clipboard data. As for the keylogger protection, it varies for some reason. One time it protected the keystrokes, so they didn't appeared in either Zemana or Spyshelter test tool. However after disabling and then re-enabling the keylogger test, this time they keystrokes were not protected. And you could clearly see them on the test tool.

Of course it's important to note that this was done, not with actual malware but with test tools, so highly probable Webroot would work better against actual malware/keyloggers. Seeing as I will not deal with actual malware/keyloggers, it would be helpful if any user that uses such for malware testing could verify the effectiveness of Webroot's identity shield. Especially considering the following factors: OS(Windows 7, Windows 8 or Windows 10), browser(Internet Explorer, Firefox, Chrome, etc.), and whether the browser was 32-bits or 64-bits.
 
H

hjlbx

Windows 8.1
Internet Explorer 11

Zemana Screen Logger - FAIL
Zemana Keylogger - PASS
Zemana Clipboard Capture - FAIL

I won't even bother with SpyShelter test utility - it will be the same.

Of course, if you report this to Webroot, they will reply "You just don't understand how Webroot works."

Then when you ask to explain further - you will get nothing.

Maybe @Umbra has some better insight.
 
H

hjlbx

I think paranoia about clip-board and screen capture is needless. Even with most keylogging - except in-the-browser script keyloggers because the keylogging script is embedded in the webpage.

Unless you install a malware (and this includes malicious browser extensions) onto your system that can do any of the above, then the likelihood of it happening is very, very low = almost 0 %.

That's the thing most users do not understand.

If you understand this, then it shouldn't be a concern.

Of course, if you do a lot of indiscriminate installs - well then - it's a potential problem then, innit ?

Its' common sense - research a file before you install it.

Of course, this is not 100 % fail-safe... the recent BitCoin stealing browser extension that was vetted as safe is a perfect example.

There is only so much a user and their security softs can do.
 
Last edited by a moderator:
  • Like
Reactions: mal1 and Azure

Azure

Level 28
Verified
Top Poster
Content Creator
Oct 23, 2014
1,712
I think paranoia about clip-board and screen capture is needless. Even with most keylogging - except in-the-browser script keyloggers because the keylogging script is embedded in the webpage.

Unless you install a malware onto your system that can do any of the above, then the likelihood of it happening is very, very low = almost 0 %.

That's the thing most users do not understand.

If you understand this, then it shouldn't be a concern.

Of course, if you do a lot of indiscriminate installs - well then - it's a potential problem then, innit ?
I'm not worried. Simply curious about the effectiveness of identity shield and what Webroot claims.
 
D

Deleted member 178

Enable this :

EHdieWG.png


then you have a kinda anti-exe.

About keylogging, WSA will monitor suspicious executables, then the firewall module (even if not tweakable) should warn you about suspicious outbound connections.
 
H

hjlbx

@Umbra

I have tested Webroot against at least 500 malware samples - probably 2000 or so - over the past year. They were from adware to zbots - and everything in-between including keyloggers, screen\clip capture, webcam hijackers, banking trojans, data stealers, etc, etc.

Not once did Webroot ever generate an outbound firewall notification.

What are Webroot outbound firewall notifications - some mythical thing - like Sasquatch (Bigfoot - Wikipedia, the free encyclopedia) ? :D

Despite my best efforts I cannot confirm what Webroot states.
 
D

Deleted member 178

I remembered i had some a while ago...but can't remember what it was.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top