Follow
@StartpageSearch
We find that using TorBrowser and #I2P are important first steps.
Purging #Cloudflare and all website that use Cloudflare including #banks, is is another important step. In #TorBrowser hit Ctrl+Shift+E to bring up the Network Tab, by looking at the domains the websites use you'll quickly see which are Cloudflare by the "cf-ray" in the HTTP response. The Block Cloudflare MITM Attack (BCMA) plugin can help.
The #UBlockOrigin addon is used by #TailsOS in TorBrowser, so use it.
@StartpageSearch
There are two caveats to the above to be mindful of.
1. Unfortunately CloudFlare is used by #Visa last we checked but Visa have a bespoke setup that negates the need for the aforementioned '#CFRay'.
2. Be mindful that the #UBlock addon fetches all its #blockLists from CloudFlare. May be reason for not blocking or warning of the #MITMAttack, and why BCMA #addon is neccessary.
Don't trust BCMA.xpi? — Convert the #XPI to a #ZIP file and read the code.
https://notabug.org/dCF/deCloudflare/src/master/subfiles/about.bcma.md