Risk Bite 10: Browsing the web safely

We are becoming increasingly dependent on the internet for many facets of our daily life. Protecting ourselves by securing our devices, software and connections is important, and making the right choices when doing things on the web can also make a huge difference to our safety online.

Here are some things to keep in mind while browsing.

Avoid unsafe sites

Some sites that are best to avoid are:

  • Video downloading sites or sites with multiple download buttons – Many of these sites offer links to click and they are likely not legitimate. Example of one such is a site that offers a recent new movie or series for free.
  • Sites with questionable purposes (including explicit sites) – These sites often host malware that may automatically install (often silently) and compromise your computer. If you are somewhere you shouldn’t be, or the site is unethical, it may be additionally harmful from a cyber-security point-of-view
  • Websites which request more personal information than you would normally expect to give, such as user name, password or other security details ‘in full’ are probably malicious.
  • Sites that make surprisingly good offers - the old saying, that if it looks too good to be true, it probably is. This is very relevant to the internet, if it looks too good to be true, you have probably stumbled upon an unsafe website. Examples are sites that offer authentic Gucci bags for $10 or the newest book in series for free in a PDF file.

If you think a website you want to visit might be harmful, check the classification of the website here.

Check for ‘HTTPS’ in the website address

Making sure any website you visit uses HTTPS is another way to make sure the site is safe. HTTP (Hypertext Transfer Protocol) is the fundamental protocol for sending data between your web browser and the websites you visit. And HTTPS is just the secure version of this. (The “S” simply stands for “secure”.) The padlock in your browser’s navigation bar is a sign that the site is secure.

HTTPS is often used for online banking and shopping because it encrypts your communications to prevent criminals from stealing sensitive information like your credit card numbers and passwords. If the website doesn't have that padlock, don't enter your password or credit card number.

Double-check the URL

Some websites masquerade as a real website, or present fake links in order to collect your data;

  • Check that the website’s address appears genuine by looking for subtle misspellings, extra words, characters or numbers or a completely different name from that you would expect the site to have.
  • Roll your mouse pointer over a link to reveal its true destination, displayed in the bottom left corner of your browser. Beware if this is different from what is displayed in the text of the link from either another website or an email.
  • Pharming is a form of online fraud involving fake websites. Even where you correctly type the address of the intended site, you can be redirected to a fraudulent one. Avoid ‘pharming’ by checking the address in your browser's address bar after you arrive at a website to make sure it matches the address you typed, for example, ‘eebay’ instead of ‘eBay’.

Turn on safe browsing settings in your web browser

The security settings on your web browser determine what types of pages you visit, and they protect you from potentially unsafe sites. For example, many browsers (like google, firefox or bing) give you the option to block particular websites that are known to "phish," which means they try to trick you into disclosing your personal financial data. Consider the below setting for your browser:

  • Enable auto-install updates
  • Block unwanted pop-ups (‘push’ notifications from websites you visit, which pop-up on your screen)
  • Block unwanted add-ons or plugins (extra software)
  • Disable internet tracking (the collection of data about your internet use)
  • Browse in “Incognito” or “Private Mode” when using borrowed or shared computers so none of your browsing history gets saved to that computer
  • Always remember to log out of a secure website when you have completed your transaction, and before you close the browser. Closing the browser does not necessarily log you out.

For more information on browser safety settings read here.

We hope that these Cyber Security articles have been of use to you so far, but if there is another topic of interest which you would like us to cover, please contact Bel in the Risk and Compliance Team.