Online banking/shopping question

If I'm correct, the Pro version has SafeZone too.

 

your right it does, i just checked.

 

I think it helps to start by understanding the attack vectors. There are trojans that steal logon and other personal information. They have to be kept off the machine with a combination of AV autoprotect" (real time monitoring) and on demand scanners such as MBAM and SAS. To guard against the possibility that one of these gets past the AV you also want an Anti-Keylogging app, such as Prevx/SafeOnline or Zemana Antilogger. That way even if you get infected these will prevent the trojan from copying your keystrokes.

If there's a possibility that you will make transactions over "Open wifi" (Starbucks, et al) you need a VPN to encrypt the wireless part of the connection. This prevents others from "sniffing" your activity. VPN subscription services are very affordable.

I also dedicate one browser for banking and use it for nothing else. You can disable "Tabs" so there is no chance of being connected to more than one site at a time. I use Internet Explorer since it has Protected Mode.

Last you want to enable multi-factor authentication. My bank offers a system where every time I logon they send a text to my phone with a code that must be used together with the account logon information. If the account info is stolen the bad guys still can't get in unless they also steal my phone - pretty unlikely.

Hope this helps.

 

Very good explanation. Helps us that aren't quite as security literate.

 

Very informative thread.I also use e-banking sometimes just with IE9 and MSE as protection.For browsing i use sandboxie/firefox. How about Neo’s SafeKeys or AVG link scanne .... instead of prevx safe online.Is the protection similar?

 

One that's updated monthly is Lightweight Portable Security.

 

Does Neo's SafeKeys provide protection against Man-In-The-Browser attacks (-https://secure.wikimedia.org/wikipedia/en/wiki/Man_in_the_Browser), etc? If not, you should consider Prevx SafeOnline. I'm not familiar with that tool.

Regarding AVG LinkScanner, among other things, like anti-phishing, it will protect against web browser-based exploits, by scanning http traffic, regardless of the web browser.

Never LinkScanner should be considered an alternative to something like Prevx SafeOnline, rather a complementary solution. AVG LinkScanner won't protect you against keyloggers, etc., unless they will get in the system via an exploit; which in that case, it will only be a complementary solution as I mentioned.

 

Neo’s SafeKeys

http://www.aplin.com.au/neos-safekeys-v3/how-neos-safekeys-v3-works

"on-screen keyboard that provides protection against hardware and software key loggers, including protection against screen logging, key logging, clipboard logging, and more."

I wanted to know if someone's already using AVG link scanner and adds this tool (portable too) is it = similar protection of prevx safe online for e- banking.A lot of folks don't like installing too many real time security software's.

 

Neo's Safekey fight keyloggers/screengrabbers in an unconventional way.
i think it is a clever, "outside of the box" thinking, application.

it doesn't need to install anything to run, just run the exe

 

OK. Previously, you had mentioned "Neo’s SafeKeys or AVG link scanne"(r) (You forgot the "r", so I won't quote it. lol)

But, for what I could read in the URL you provided, I couldn't see if it provides MitB protection. At least, I didn't read anything pointing in that direction.

From the Wikipedia article I previously gave URL.

More on it: -http://blog.fireeye.com/research/2010/02/man-in-the-browser.html#more

 

The problem is....... if you use Prevx safeonline or Trusteer Rapport both conflict with sandboxie.If you choose to use sandboxie you are not fully protected for E-banking or e-shopping because it lacks protection against 'Man-In-The-Browser attacks', Key loggers and other threats so whats the work around for people with simple security setups like just MSE or Avast free so that they are reasonably protected to shop and bank online and use the protection of sandboxie for their every day surfing? and where does AVG link scanner fit in.

 

Here's what I do.

All normal web surfing, other than known secure sites, I do in a sandbox, set to auto-delete on exit. Here my main priorities are to protect the system from the browser session, and to protect confidential data from being accessed (and possibly stolen) through the browser.

Banking and shopping I do in an unsandboxed browser session, protected by Trusteer Rapport (I get it free from my bank). Here my main priority is to protect the browser session from the system, just in case the real system had somehow already become infected, outside the sandboxed environment.

If all web surfing, other than banking and shopping on verified secure sites, is being done in a sandbox, I don't see the need for AVG Link Scanner. Properly configured, Sandboxie should prevent anything nasty from entering.

 

How are you able to use Trusteer Rapport and sandboxie without conflicts ? The solution i was looking for was to use sandboxie and some other browser security measures like prevx which is simple for average guy so that even people with simple setups can add a layer for E-Banking and Shopping.I always use sandboxie( still not too confident when it comes to banking) but cant say about other relatives/friends who are not so conscious about layered security..Since banking/shopping are part of our daily lives i find this thread informative and some good advice/input will help all.

 

You can't.

Sandboxie puts a wrapper round the browser that prevents it from communicating with the rest of the system outside the wrapper. Trusteer Rapport and Prevx SafeOnline put a wrapper round the browser that prevents the rest of the system outside the wrapper from seeing inside (a kind of reverse sandbox). The two approaches are fundamentally incompatible and can't be used together at the same time. When I want to use Rapport, I launch a normal browser session. When I want to use Sandboxie, I launch a sandboxed session, which temporarily disables Rapport for the duration of the sandboxed session.

If you want to combine virtualisation with the kind of browser protection that Trusteer Rapport and Prevx SafeOnline offer then you could consider using a light virtualisation utility such as Returnil or Shadow Defender. Because light virtualisation utilities virtualise the entire system partition (usually the C drive) they work in a different way to an application sandbox utility such as Sandboxie. Light virtualisation utilities are compatible with, and can be used in conjunction with, a browser protection utility such as Trusteer Rapport or Prevx SafeOnline.

 

A simple workaround might be

a) use Iron or chromium (are not supported by trusteer) with sandboxie

b) use IE or FF or Opera with trusteer rapport for on-line banking

or use

a) Trusteer with chrome (chrome has a sandbox of its own)

b) use K-meleon or lunascape (with your favourite engine) with sandboxie

 

Thanks.. Very useful information.I might try Shadow Defender if its still available or other combination's you guys suggested.

 

This is what I do to relatives who do home-banking.

A different standard user account for home-banking. In this account the web browser to be used is Internet Explorer. The choice for this web browser has to do with a few factors: compatibility, great malicious URL protection by IE8 SmartScreen, Protected Mode and a few other tweaks.

I have installed both LinkScanner and Prevx SafeOnline. I do not care for Sandboxie in this scenario, and simply because Internet Explorer is only allowed access to the bank's own IPs.

You may ask why LinkScanner then? My relatives aren't me, and so I needed to create certain breaches for the sake of usability and convenience in their general web browsing account, which is also a standard user account. In this account, Chromium web browser is used and with an explicit low integrity level. This means that any successful exploit against Chromium will only be able to write malicious code to restricted areas, which will contain the infection(s) and couldn't do practically nothing. But, the low integrity level (a very restrict "Protected Mode") won't prevent an exploit from being successful and write to Chromium's memory process; this means that malware, with the intention of stealing credentials, could read from the web browser and other processes. This is where LinkScanner comes in, because it will block the exploit, and if the exploit is blocked, then it won't do nothing...

Sandboxie, on its turn, wouldn't prevent such an exploit; it would only contain it, but it wouldn't prevent the malware from stealing credentials, and simply because the web browser's own process is allowed Internet access (the same process that could be exploited and malicious code run within it). Others are welcome to rectify this, if you see it necessary, if somehow I'm confusing myself.

So, regarding web browser protection, Sandboxie has no place in the setup I've deployed.

Sandboxie does have an additional usability (not security) benefit, though, in my own setup, but that's another topic.

I prefer this approach to global virtualization; I rather act than react. I'm not disdaining such type of application, though. So that it's clear. I just don't see it as a main or one of the main line of defenses; only one of the last resources.

 

How about using a different os like Ubuntu for online shopping and banking?

 

Firefox + Noscript. That's all you need.

If you are worried to use your PC to do online banking, then you should not use your PC as that means you are insecure in your own PC security and cleanliness.

Use a LiveCD Ubuntu or something instead.