Best practices after clicking on suspicious URL
May 24, 2022 11:00 PM

I inadvertently clicked on a website that was disguised as something it was not. I am concerned that I exposed my personal computer to a phishing site. About five minutes after the exposure, I took the computer off the internet. Then I scanned the computer with antivirus and malware programs which came up negative. Then in the evening I tried to reset the login information of my financial institutions. I had already frozen my credit with all 3 major agencies before this. Is there anything I need to do?

Wanting to watch the latest NBA game while not possessing cable, I googled "reddit nbastreams" and clicked the top search result. I thought this would lead to a subreddit with various streams of NBA games. Then I clicked on the play button of a video screen, thinking it's the game stream. However, upon closer inspection the URL is not actually reddit but a spoof. I immediately exited out. But then I waited for about five minutes before disconnecting the computer from the internet. From what I read on the internet, this could mean malicious software can be installed on my computer. Subsequently I did virus and malware scans using Microsoft antivirus and Malwarebytes; both negative. I then changed passwords of the banks and credit card institutions. What else should I do at this point? Cross my fingers and hope for the best?
posted by Pantalaimon to Computers & Internet (13 answers total) 2 users marked this as a favorite
 
If I were you I’d cross my fingers and hope for the best, yeah. Watch for signs of unusual activity on your accounts/email. Set up two-factor authentication on important sites that support it. Credit freeze if you don’t have it already.

The only true way to know is to wipe everything and reinstall Windows but that’s a bit of overkill for this situation IMO.
posted by escher at 11:27 PM on May 24, 2022


You're fine.
posted by geoff. at 11:48 PM on May 24, 2022 [8 favorites]


Being "exposed to a phishing site" isn't a problem if you don't provide any useful information like usernames, passwords, personal information, etc, and it doesn't sound like you did that. You're more concerned - rightly - about being exposed to malware or viruses.

It is possible that malware was installed on your device, but modern browsers are pretty good at stopping downloads of malware, and if a combination of Microsoft's built-in anti-virus and Malwarebytes didn't find anything then the chances are very good that there's no problem.

What will really help is to know what happened when you clicked play on the video. Did it actually play the game? In which case, you've just watched an illegal stream of an NBA game.

If I were you I'd clear down all cookies on my browser and change the master password on my password manager (if you're using one). Anything more than that (plus the virus scans, which were eminently sensible to run) would be overkill - your risk here is very low.
posted by underclocked at 11:52 PM on May 24, 2022 [15 favorites]


If you want to be extra safe, change any important passwords using some other device and don't log in to those sites with the affected computer until you've wiped and reinstalled.

That said, I think your risk is relatively low if your browser and OS are/were up to date and neither Windows Defender nor Malwarebytes is showing anything malicious was installed.
posted by wierdo at 2:07 AM on May 25, 2022


So there are exploits that don’t require you to click on anything but just visit a website on a fully patched browser, but they are quite rare and usually used in targeted ways. Putting up an exploit like this on a website anyone can visit would be a surefire way to get it patched. Phishing (where people just tell you their password) is so easy that there’s no point wasting a good exploit on some rando’s (no offense) personal information.
posted by goingonit at 4:26 AM on May 25, 2022 [2 favorites]


It very much sounds like you're fine.

From what you've said, you didn't enter your password into the site (this is what's usually meant by "phishing": sites that look like your bank's login page thus tricking you into giving them your password).

If you just clicked on "play" on a video in your browser, even on a malicious site, you should generally not be at any risk. (Except for rare cases like that @goingonit mentions.)

The only real risk I can see from your story is if you installed any software provided by the site, such as a "video player" download. It doesn't sound like you did though.
posted by richb at 5:43 AM on May 25, 2022 [1 favorite]


I would like to second what people here are saying, that you're going to be OK and you've done what you need to do. If Defender has given you a clean bill of health, reinstalling your operating system is unnecessary. Five minutes of wall clock time is an eternity to a piece of software, so plugging it back in won't change your situation (which is, again, "you're going to be OK".)

While this isn't universally true, generally speaking - as Goingonit notes - effective zero-interaction exploits are technically difficult to execute, and thus rare and valuable enough that they're not wasted on untargeted attacks. Modern end-user desktop computing as compared to even five or ten years ago is extraordinarily robust, and if you're not a journalist, a dissident or important enough to blackmail, it's very unlikely that targeted means you.

Consider installing an adblocker, if you haven't already. I'm partial to uBlock Origin; it's quite good.
posted by mhoye at 6:05 AM on May 25, 2022 [1 favorite]


Adding my voice to the general consensus that you're fine. Glad you came here to ask.
posted by humbug at 6:21 AM on May 25, 2022


Most likely thing by a long chalk, in my estimation, is that you're fine, and your machine is fine, and you probably don't need new passwords unless you're currently re-using human-memorable passwords across multiple services, in which case you do but not because of your visit to the sketchy streaming site.

My current favourite in password management software is KeePassXC, along with a free Dropbox account for distributing the passwords database file across my devices (any online file sharing service you're already using will work equally well) and any of the various KeePass-compatible phone apps (KeePassDroid is what's on mine). For desktop browsers, there's a companion browser extension that works even better than the pasting and/or auto-type mentioned in the advice I linked above.

All that said: if I were contemplating any process of changing my passwords and/or my normal processes for entering them, I would feel dubious about doing so using a machine that I had reason to think might not be fine.

If you're going to change some passwords for your own peace of mind, you'd be well advised to do so using some other machine that you already own and are confident about the ongoing security of - perhaps a phone? And if that sounds ridiculously overcautious, maybe pass that impression back to the piece of you that's currently anxious about undetected malware on your main machine.

By the way, in any ranking of sites by absolute risk, dodgy video streaming sites are well below run-of-the-mill advertising servers by my best estimate. Apart from the obvious benefits of almost never being pestered and/or interrupted and/or tracked and/or slowed down by advertising, only ever browsing the Web with uBlock Origin active is a huge security win because advertising is such a common vector for malware. So after a scare like you've just had, perhaps you might care to consider installing that in all your browsers, and only ever browsing the Web with browsers into which it can be installed.

Best practice would involve already having done that, but doing it now runs it a pretty close second.
posted by flabdablet at 6:29 AM on May 25, 2022 [3 favorites]


… and for the future, streameast.xyz has been a reliable, not too scuzzy, free sports streaming site.
posted by sixswitch at 6:43 AM on May 25, 2022 [1 favorite]


Seconding uBlock Origin, if you're concerned about accidentally downloading malware.
posted by Rash at 7:42 AM on May 25, 2022


If clicking on a bogus link was enough to get you hacked, about 8 zillion online *ahem* video watchers would be hacked every hour. You're good.
posted by Mid at 7:47 AM on May 25, 2022 [2 favorites]


Those steps you took: take it offline and scan for malware and then change passwords... are the right steps to restore trust in the device and its software. Nice one.

It doesn't seem like the site you accessed also had you give it account information and passwords; maybe you were less exposed than you think. While the consensus here is that you've probably not had logon details stolen, adding non-SMS multiple-factor authentication (MFA), i.e. you get a code or prompt to confirm your attempt to login but not over SMS, to as many accounts as you can will make it harder for you and people who might've stolen your credentials to access your accounts -- but you have the MFA they don't.
posted by k3ninho at 10:29 PM on May 25, 2022

