- Aug 27, 2020
- 446
Hi, I never do online banking on public Wi-Fi, IMHO it sounds weird to do so, I do online banking with Bitdefender Safe Pay at home behind my new router and Bitdefender Firewall. 
Which antivirus to use for Online Banking protection?
- Thread starter redvet
- Start date
Please provide comments and solutions that are helpful to the author of this topic.
For banking & shopping which done only on my home network I use brave browser in private mode with adguard & mbam extensions , using bookmarked links to my banks , shops, etc .For extra protection against hackers I use Oxynger virtual keyboard antilogger (encrypts all typing) & which has an vgood anti screenlogger .AV is Kaspersky.
- Dec 23, 2014
- 8,514
You do not have an isolated environment with Sandboxie when banking. Sandboxie will not protect the sandboxed web browser from the malware active in the system. Only the opposite is true (the system is protected from the sandboxed malware).
To have the isolated web browser one has to use a virtual machine, Application Guard (Edge, Chrome) on Windows 10 Pro, or the AV with a secure banking web browser.
Instead of using Sandboxie for banking, it is more secure to create a separate user account only for banking.
Last edited:
- May 4, 2018
- 2,261
First steps to take:
1. Bookmark all online sites that solely deal with YOUR money, such as the following: your online banks website, PayPal, eBay, Amazon etc. This stop you accidentally entering in the wrong page.
2. Never open emails from dodgy recipients you don't know, do not open any .pdf files unless you've verified from the sender it's legit.
3. Use a PW Manager such as Bitwarden. It will not let you type in your details on a site that's not on file.
4. Do not use a VPN and do all banking at home, not at free wi-fi places. Look at Antifa, they're whole organisational structure has been exposed because they decided to use Starbucks wi-fi.
5. Just use common sense, if it's too good to be true it more than likely is.
"Banking Protection" is a mere facade solicited to take money off consumer that buy into the concept.
~LDogg
1. Bookmark all online sites that solely deal with YOUR money, such as the following: your online banks website, PayPal, eBay, Amazon etc. This stop you accidentally entering in the wrong page.
2. Never open emails from dodgy recipients you don't know, do not open any .pdf files unless you've verified from the sender it's legit.
3. Use a PW Manager such as Bitwarden. It will not let you type in your details on a site that's not on file.
4. Do not use a VPN and do all banking at home, not at free wi-fi places. Look at Antifa, they're whole organisational structure has been exposed because they decided to use Starbucks wi-fi.
5. Just use common sense, if it's too good to be true it more than likely is.
"Banking Protection" is a mere facade solicited to take money off consumer that buy into the concept.
~LDogg
Also using a solution like my 3-browser-profiles is good for data isolation.
- Jun 26, 2020
- 440
- Dec 23, 2014
- 8,514
The last sentence is slightly far-fetched (can be misunderstood by readers).
Some people, especially in business, cannot sometimes follow points 2 and 4. That is why banking modules are commonly included in AV business versions and avoided in home versions.
- Dec 23, 2014
- 8,514
- Dec 23, 2014
- 8,514
I highly recommend using a separate user account only for banking (but not for shopping), even in the home environment. The web browser is isolated from the malware which could infect the computer while doing daily tasks on another user account. The isolation is very strong, except when the malware can run with Admin privileges. Furthermore, some malware even running with Admin privileges on another account will not start on the separate banking account. So, simply restart the computer and sign in to the banking account for banking.
Last edited:
- Aug 21, 2020
- 608
Chrome browser has Eset built in and prevents DNS spoofing, TLS downgrading. Just make sure there is no middleman installed that decrypt your traffic. The other great alternative is Edge browser with Application Guard enabled which will run your browser in a VM. AVs provide "secure" browsers that are often outdated so I don't recommend them. Use 2fa, don't click on links in your emails and double check the url in the browser and you should be fine for 99.99999% of cases.
- May 4, 2018
- 2,261
My points are not aimed at people with a business at all, the socio-economic group my points were referring to would be readers of the forums much like the OP that's a home user. Businesses wouldn't use my points as generally they have their own IT Department with an IT Policy and a strict set of guidelines to adhere too, plus employee training. So none of those points would be logically addressed to a business user.The last sentence is slightly far-fetched (can be misunderstood by readers).
Some people, especially in business, cannot sometimes follow points 2 and 4. That is why banking modules are commonly included in AV business versions and avoided in home versions.
The last section of my sentence can be misunderstood, but the ideals of a computer user is the first line of defense is the human. Again everything I type in this section is solely based at the home user. Using banking protection can put someone into a false sense of security, it only takes one dodgy phishing scam and boom access to that Account is open. So none of my points or ideas would apply to a business or corporate user.
For a home user it's about using common sense and basic IT knowledge. The human user is always the first to see everything. Hence my points are ideal for banking and buying online.
~LDogg
- Dec 23, 2014
- 8,514
This is not important for secure banking browsers:
- They are not used for daily tasks.
- They are hardened against the malware already running on the system (banking trojans).
- They can recognize when the banking traffic is redirected/intercepted via the malicious server.
- Dec 23, 2014
- 8,514
- May 4, 2018
- 2,261
Aha no problem my friendIt is OK. That is how I understood your previous post (except for the last sentence).
~LDogg
- Aug 21, 2020
- 608
Point 2 and 3 are covered by Chrome. As I said Chrome runs Eset to check for any fileless malware and the browser is constantly probing with root DNS servers to the point where DNS providers are worried:
A Chrome feature is creating enormous load on global root DNS servers
Google is doing to DNS what D-Link once did to NTP.
arstechnica.com
The hooks AVs are using is actually breaking the sandboxing protections that are built into Chrome and Edge.
- Jul 6, 2017
- 2,392
Apart from all the good advice given by colleagues.
I will say that with a Linux distribution on a USB,
and before checking the link of the Bank in the Total Virus, I also think it is safe.
I will say that with a Linux distribution on a USB,
and before checking the link of the Bank in the Total Virus, I also think it is safe.
- Jan 27, 2018
- 1,415
All you need to do is keep your computer free of malware, so AV, updated browsers and OS, adblocker, thats it. Do not over-think or over-armour.
- Aug 4, 2016
- 1,465
My bank (most UK banks) (really) prefers you to use a phone or tablet & their App for home use rather than a PC, you can use a PC/Mac but the sign in is quite complex, so banking on a PC isn't something done much at all on UK banks?
- Dec 23, 2014
- 8,514
If I correctly recall, Chrome uses Eset technology in the Chrome Cleanup engine. I did not research much this feature, but it is with Chrome for a few years. When we look at the MRG Effitas tests it is clear that this feature cannot cover points 2 and 3 (Botnet test, Simulator test) for Microsoft Defender which uses Chrome:Point 2 and 3 are covered by Chrome. As I said Chrome runs Eset to check for any fileless malware and the browser is constantly probing with root DNS servers to the point where DNS providers are worried:
A Chrome feature is creating enormous load on global root DNS servers
Google is doing to DNS what D-Link once did to NTP.
The Eset secure browser blocked both Botnet test and Simulator test.
Yes, a little. Nothing is perfect. For closer compatibility with Windows and Chrome, one can use WD/MSD.
Anyway, I do not advertise banking modules, especially in the home environment. My comments are intended to clarify when the banking module can be useful.
Last edited:
- Sep 5, 2017
- 1,173
how to check the certificate of the bank account and also what about cross site request forgery it is bit tricky ?? Kaspersky to decrypt the traffic to check it so it is1.use a secure dns service with doh or dot to prevent dns spoofing, dns mitm attacks. ( I highly recommend NextDns coupled with yoga dns app, if your router supports doh or dot, that's even better, use it ) . Now browsers also support doh, you can use that too.
2. Do not install shady apps or use apps from unrecognised sources.
3. Make sure that the application you install is signed digitally and is signed by a known good entity.
4. Use up-to-date browsers. Brave,Chrome or edge chromium are highly recommended.
5. Use an extension like "https everywhere".
6. You can use any antivirus application as long as it's updated regularly. Windows defender is very good and if you couple it either with configure defender or hard configurator it becomes one hell of a security solution. Apart from that it's totally free.
7. Do check the certificate of the banking website before doing the login procedure.
8. Do not install unnecessary browser extensions. Use only what you need. Keep the number to the minimum if possible. Use only the most recognised and known extensions.
good
also adguard DNS provide DNS poisonings/spoofing protection as you could see
Similar threads
