> The biggest scare I've gotten is somehow ending up on "colnbase.com" (instead of "coinbase.com").
You might want to install some browser extensions to block content. Then block all content (set to whitelist) and selectively add the sites you know.
If you end up on a new site with some amalgamation of letters that look familiar, the extension will rightfully block it and prompt you whether you want to whitelist or not. Big ole' red flag right there.
Of course it's not foolproof. It is just another layer in the strategy of defense-in-depth.
What I do is a greater waste of time -- I have a separate browser profile for each individual site that I might log into, and javascript is only whitelisted for that one site in that profile. It's a real pain because whenever my browser adds a new config option, I have to update the settings in each of the ~20 profiles.
It has saved me a few times where some rogue javascript tries to redirect me to some unexpected site, and the destination site simply doesn't load.
dude
what
how do you have so much free time
my lazy ass just has ublock origin with some lists enabled that my even more techbro help me set up and it automatically stops me from visiting suspicious websites
this feels like way too much work
I just want every new machine to have my extension settings, but then it's four hours later and I'm trying to check if some policy file was obsoleted in version 60
You might want to install some browser extensions to block content. Then block all content (set to whitelist) and selectively add the sites you know.
If you end up on a new site with some amalgamation of letters that look familiar, the extension will rightfully block it and prompt you whether you want to whitelist or not. Big ole' red flag right there.
Of course it's not foolproof. It is just another layer in the strategy of defense-in-depth.