A good setup for secure online banking and shopping

Discussion in 'other anti-malware software' started by Doraemon, Oct 28, 2011.

Thread Status:
Not open for further replies.
  1. Doraemon

    Doraemon Registered Member

    Joined:
    Aug 5, 2009
    Posts:
    202
    Hi all. I'm trying to sort out a setup for secure online banking and shopping. I've seen lately many posts talking about EMET and AppGuard, plus see that many people just use Sandboxie or SB plus another non-AV/IS app.

    My question is if you can safely give your credit card number under those kinds of protections. I mean, I see that SB is good at not letting the malware touch your OS. But while you are shopping you may have been infected in a previous website and not have even noticed it. Am I right?

    AppGuard seems like a bulletproof configuration, even some people argue you could go only with it. But is it safe to say that AppGuard protects against loggers and other ways to capture your banking activities?

    I've been a Prevx user before FF4 came into play and IIRC it has a SafeOnline module that's very good for banking. Is it still this way in its new reincarnation WSAC?

    I'd be very thankful to see some recommendations because I recently was robbed (and refunded) my CC number but I cannot confirm if online because it's still under investigation by the police.

    :-* :-* :-*
     
  2. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,222
    Hi there,
    There are many possibilities, and virtualization along with other layers can be fairly effective. Please check the following thread from post #461 to #464:
    https://www.wilderssecurity.com/showthread.php?t=293075&page=19

    Sandboxie can also be tightly configured to trap anything in the sandbox. Before doing anything one has to make sure to have a clean system to start with.
     
    Last edited: Oct 29, 2011
  3. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    Hi,

    I see you have avast internet security in your sig. IMO avast! will be enough to take care of your online banking. It has SafeZone.

    The avast! SafeZone is a special web browser in avast which allows you to browse the web in a private, secure environment, invisible to the rest of your system.

    If you do your banking or shopping on-line, or other security-sensitive and financial transactions, you can be sure that your personal data cannot be monitored by spyware or key-logging software. Unlike the avast! Sandbox, which is intended to keep everything contained inside so that it cannot harm the rest of your system, the SafeZone is designed to keep everything else out. The SafeZone includes some other security features in addition to the basic "inside out" sandbox, such as VPN service, secure DNS etc.

    And afaik if you live in the United States, you also get avast! CreditAlert.

    You can also check the thread: https://www.wilderssecurity.com/showthread.php?t=309604&highlight=trusteer rapport
     
    Last edited: Oct 28, 2011
  4. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,279
    Location:
    UK
    Yes you are right, but there are a couple of things you can do. First, you can tightly configure Sandboxie to control what is allowed to run inside the sandbox and connect to the Internet, which should prevent malware from running inside the sandbox at all. Second, you should always empty the sandbox (if using only one) before banking and shopping, and again afterwards before resuming general web surfing; alternatively, if using the paid version of Sandboxie, you can set up a dedicated sandbox for banking and shopping, separate from the one you use for web surfing.

    AppGuard should prevent malware from infecting the system in the first place, but will do little to prevent any malware that is already installed from being able to capture your banking activities. Applications like Prevx SafeOnline and Trusteer Rapport were developed for exactly this purpose.

    Yes, it is still the case in the WSA Essentials and Complete products. It's too early to say how effective the new Identity Protection component of WSA is because the feature set and the way it works is a little different to SafeOnline so a direct comparison can't be made. There hasn't been sufficient testing yet against banking malware by the independent testing organizations to know for sure how good WSA is in this area, plus it has only just been released and is still evolving.

    Some combination of virtualization and policy restriction provides a good basis for security (Sandboxie has both for sandboxed applications). AppGuard, which you mentioned, provides system-wide policy restriction and partners well with a lightweight virtualization application like Returnil or Shadow Defender. If you want to tighten things further then look to adding something that will secure the browser session against visibility from the outside (this probably won't work in conjunction with a sandboxed browser session using Sandboxie though). A two-way firewall with effective outbound application control may also help to prevent any malware from making an outbound connection.
     
  5. AaLF

    AaLF Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    986
    Location:
    Sydney
    Keep in mind Sandboxie negates the use of Trusteer Rapport. A most important tool for OLB & shopping.

    When I followed OLB up I settled on Sandbox > NO & Trusteer Rapport > YES. Also I'm using Prevx Facebook Safeonline Free. Not too sure if Trusteer & Safeonline overlap.
     
  6. AlexC

    AlexC Registered Member

    Joined:
    Apr 4, 2009
    Posts:
    1,280
    Just burn a non-rewritable CD with Puppy Linux (or another Linux live CD of your preference), and use it for online banking and shopping :thumb:
     
    Last edited: Oct 29, 2011
  7. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,509
    In the last half year, Puppy Linux has worked well that way for me.
    http://puppylinux.org/main/Overview and Getting Started.htm
     
  8. AaLF

    AaLF Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    986
    Location:
    Sydney
    By changing to Linux that only offers support at his end doesn't it? Whereas Rapport also prevents phishing via website authentication to ensure that account credentials are passed to genuine sources only. Serious stuff for online shopping.

    I think Trusteer Rapport or similar software must be part of the suite.
     
  9. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,509
    AaLF, you may be right about Puppy Linux only protecting the user's computer, and it might be possible to be fooled by fake sites, and information could be passed along from within the browsing session. But at least for me it's probably not an issue since the sites where I shop are easily recognizable as genuine, and it would be impossible to fake the sign-in process at my bank. Also I restart the browser before and after any transaction.
     
  10. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,131
    Location:
    USA
    My bank offers dual authentication for online banking - in addition to entering the logon credentials the bank sends a text message to my phone with a one time numeric code. If my user name and password are stolen I am still protected because the bad guys would have to have my phone as well to logon. They also offer an email notification feature for all online transactions so I know in minutes when there has been account activity. These options are in addition to AV and sandboxing, of course. There is also the matter of a VPN if you ever use open WiFi. Hope this helps.
     
  11. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    :thumb: :thumb: :)
     
  12. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    Sandboxie + HIPS such as OA with something like Online Banking :rolleyes:
     
  13. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    977
    Location:
    Paris
    Before you get too involved about setting up maximum security prior to shopping online, you should consider that a major source of personal financial theft is totally and completely beyond your control.

    Not that I want to darken your day, but you may want to go here:

    http://www.informationweek.com/news/galleries/security/attacks/229300675

    In all probability your CC information is already on a pirate list somewhere. But as it is in a database of millions of other stolen credentials you may be passed by. Safety in numbers, I guess.

    Be vigilant, but don't be obsessive.
     
  14. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,131
    Location:
    USA
    Good example of an "attack vector" that has nothing to do with PC security. Instant email notification for all account transactions is a useful response to the possibility that one's CC number is already out there. At least you know immediately when there is activity not initiated by you and can act to minimize the fraud. This perhaps is another reason to never use an ATM card for transactions since I've heard the losses are not immediately and automatically covered by the bank.
     
    Last edited: Oct 31, 2011
  15. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    977
    Location:
    Paris
    Depending on the bank, a debit card loss may not be covered at all.

    But to point, I recently had an unauthorized charge. I have a credit card from a Major oil company- only used purchasing gas, and always swiped at the pump. A few months ago when I went online to pay my bill, I noticed a charge for $1200. This was for a one way flight from Beijing to Toronto (I live in neither place). Called the Fraud Reporting number and it was taken care of Stat.

    If I had used that card for an online purchase I no doubt would have suspected sloppy security on my end instead of what actually happened, a data breach by them.
     
  16. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Please do not use super lubricant oils, supersonic cereals or sandboxie, because it is not a remedy against the intrusion vectors

    1A. When using public connections
    Easiest and shortest route to on-line security use a trusted (scrambled) VPN service (see www.bestvpnservice). When you use your netbook to do on-line banking/shopping at third party locations.

    1B Viable option when only using at home connections
    The data transport from your PC to any public or private access point (e.g. your router)

    ==> Passwords of your router/firewall should be changed, name of your SSID changed, encryption enabled using a long key phrase
    ==> It should ALWAYS be encrypted when wireless, wired connections are very hard to breach

    *** Raises the bar for man in the middle attacks


    2. Hardening your system from intrusion directed at tapping info from keyboard or screen.
    ==> use a dedicated anti-keylogger or HIPS containing a proven anti-keylogger.

    *** Prevents the infection against personal keyloggers and intrusions, IMO it is much more useful for a hacker to either plant something in the neighbourhood of public wireless access points (option 1) or redirect browser traffic (option 3), so yes this step is useful for paranoids, but an anti-keylogger does not protect you from attack vectors 1 and 3 (and 4)


    3. Hardening your browser against the rest of your system and connection checking whether you are actually talking to the IP-address mentioned in the certificate (browser traffic redirect or / man in the browser).
    As mentioned Trusteer Rapport or PrevX/WebrootSecure anywhere

    4. Instruct the user to only buy from HTTPS sites, explain the signs and warnings, see https://www.google.com/support/chrome/bin/answer.py?answer=95617&hl=en-US


    My home situation
    a) My wife promised she would not use her smartphone for shopping etc
    b) We are only booking from home, or when travelling using a secure VPN on our android 7inch tablet
    c) My router/firewall is hardened and secured
    d) My Wife has WebRootSecureAnywhere on laptop
    e) We use Chrome, because I like the https indications
     
    Last edited: Oct 30, 2011
  17. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    I resurrected my 10 year old IBM laptop, installed Slitaz linux on it and use it solely for banking and shopping. Slitaz is quite amazing, even on 10 year old hardware it boots in 20 seconds so it's quick and easy to boot up and do my business.
     
  18. Doraemon

    Doraemon Registered Member

    Joined:
    Aug 5, 2009
    Posts:
    202
    Hi all and thanks a lot for your tips! Very appreciated! :thumb: :thumb: :thumb:

    I'm trying now WSAC to see how it goes. Sandboxie never worked for me under my Win7 x64 (many error codes).

    Thanks again! :D
     
  19. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,509
    Doraemon you might have a program that's conflicting with Sandboxie. I've used Sandboxie with Windows 7 x 64 since 7 came out without having error codes.
     
    Last edited: Oct 31, 2011
  20. Ranget

    Ranget Registered Member

    Joined:
    Mar 24, 2011
    Posts:
    846
    Location:
    Not Really Sure :/
    Knos Or LPS on bootable disc
     
  21. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Someone had mentioned ChromiumOS in a VM or LiveCD/USB. It's essentially just Chromium/Chrome with a file manager, video player, and a few other things.

    It has a very strong vulnerability track record (two critical vulns ever) and it should serve your banking purposes just fine.
     
  22. gery

    gery Registered Member

    Joined:
    Mar 8, 2008
    Posts:
    1,786
    ZoneAlarm Extreme Security is one of the most complete suites to protect against such risks. It has ID protection and it alerts frequently about everything you do with your card. Plus add Spyshelter and you are good to go.
    I am planning to extend my ZA virus plus firewall to ZAE
     
  23. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    if you do online shopping then you must set up a Paypal account.
    this way you don't leave your credit card number everywhere.

    also, avoid using your credit card in the real world as much as possible.

    as for online banking i too recommend a Linux live disk.
     
  24. PJC

    PJC Very Frequent Poster

    Joined:
    Feb 17, 2010
    Posts:
    2,959
    Location:
    Internet
  25. Ranget

    Ranget Registered Member

    Joined:
    Mar 24, 2011
    Posts:
    846
    Location:
    Not Really Sure :/
    Knos Demo !!!!!
     