In 2016 there were over 35 million confirmed personal records compromised in the United States. In a comprehensive report from Identity Theft Resource Center, it breaks down several different areas with 72,000 from banks, 6 million from businesses, 1 million from education, 13 million from government and 15 million from medical. With this number rising every year, there are several ways to begin to safely browse the Internet while lowering the risk of having your personal data compromised. This article will serve as a general guide to some safe Internet browsing practices.
Browsers
With so many Internet browsers across several platforms there is one browser that consistently provides the best user experience while offering strong security tools. Mozilla Firefox is a well maintained and modern Internet browser with a great development and support team. To start browsing securely go to Mozilla.org, download and install Firefox for your operating system.
One of the simplest tools that can be utilized once Firefox is installed is it’s private mode. Private mode allows you to browse while not saving your history and information you input will not be saved anywhere in the browser cache.
Identifying Secure Websites
There are a few methods when it comes to identifying if a website is secure or not. One of the first things that can be found is in the URL (Uniform Resource Locator or Internet address) of the website you want to visit. Most URLs now start with “https://www.example.com”, which means that data going from your computer to that website is encrypted. Visiting a website with only “http://” puts you at a substantial risk, especially if you are entering personal information on that website. You will typically also see a green lock icon in the top right of the address bar of your browser indicating the site you are visiting is secure. Satisfying these two conditions when browsing will reduce your risk of your data being compromised.
How to Avoid Potential Phishing
The following items describe different ways to recognize potential phishing attempts. Phishing is when someone attempts to collect your information without your consent through an email, a websites made to look like the websites you visit, or through other electronic communication. Using this information you will be better able to recognize and avoid losing your information through phishing.
The message contains a mismatched URL
The first method is when checking the URL in a suspicious email message. Oftentimes the URL in a phishing message will appear to be perfectly valid. However, if you hover your mouse over the top of the URL, you should see the actual hyperlinked address. If the link you intend to go to doesn’t match the URL in the address bar, it is most likely a phishing attempt.
An URL contains a strange domain name
People who launch phishing attempts often depend on the victim not knowing how the DNS (Domain Name System) naming structure for domains works. The last part of a domain name will be the indicator. For example, the domain name "info.example.com" would be a child domain of "example.com" because "example.com" appears at the end of the full domain name. But an example like, "example.com.maliciousdomain.com" would not have originated from "example.com" because the reference to "example.com" is on the left side of the domain name.
The message contains poor spelling and grammar
Whenever a large company sends out a message on behalf of the company as a whole, the message is usually reviewed for spelling, grammar, and legality. So if a message is filled with poor grammar or spelling mistakes, it probably didn't come from a major corporation's legal department.
The message asks for personal information
No matter how official an email message might look, it's always a bad sign if the message asks for personal information. Your bank doesn't need you to send it your account number, it already knows what that is. Similarly, a reputable company should never send an email asking for your password, credit card number, or the answer to a security question.
The offer seems too good to be true
There is an old saying that if something seems too good to be true, it probably is. That holds especially true for email messages.
You didn't initiate the action
If you get a message informing you that you have won a contest you did not enter, it will most likely be a phishing attempt
You're asked to send money to cover expenses
In the correspondence, the person will likely ask for money to cover expenses, taxes, or fees.
Something just doesn't look right
If it doesn’t feel right, there’s probably a reason why.
Summary
This article covered the basics of secure web browsing, including browser applications, Identifying secure websites and how to recognize phishing attempts. Look for more articles covering in depth information on these topics soon from Project Insight.
Sources
- "10 Tips for Spotting a Phishing Email." TechRepublic. N.p., 15 Oct. 2015. Web. 17 Jan. 2017.
- ”Data Breach Report.” ITRC. Dec. 13, 2016.