The Internet is a dangerous place. Unfortunately, due to the lack of central control and ownership, and the fact that the Internet is accessible from anywhere in the world, including many countries without proper law enforcement, there are many fraudulent traps out there looking to steal people’s personal information and money.
While having proper antivirus and anti-malware software is important, it’s also important to always follow safe browsing practices to ensure your data stays private.
Watch out for Phishing
Even the best spam filters can’t catch every malicious or unsolicited email.
- If you ever receive an email from a company with a link to login and verify personal information (credit card or banking information, SSNs, etc.) online, always look at the URL of the website you are on to be sure it belongs to the company that you are dealing with. The part just before the .com (or other extension) is most important. For example, if you are on Chase’s website, the URL should read www.chase.com. If you see anything like chase.onlinebank.com, chaseonlinebank.com, chase.banking.net, that means you are NOT on Chase Bank’s actual website, rather you are on a Phishing site – one that looks like Chase but is designed to steal your information.
- Watch for shortened URLs, and numbers, hyphens or special characters in a URL. Scammers manipulate URLs to trick users. Be wary of URL's posted in facebook and sent via email. Use a search engine to identify the actual URL.
- Be sure the site is secure - look for signs of an encrypted Web site, including sites beginning with https as well as a padlock icon in your browser status bar (the location of this icon will vary based on browser).
- Retype the URL – if you are unsure if the site is real, close the browser window, open a new one, and manually go to the company’s site.
Be wary of Internet downloads
- Streaming media Web sites might seem harmless, but watching or listening to streaming media may mean downloading a special media player that could contain malware
- Downloaded files like software or other media can hide malware on your computer without your knowledge
- If a download seems too good to be true, it probably is—don't risk it!
- Never blindly accept a security dialog or execute an unexpected file, even if it comes from a web site that you visit often. Even the largest web sites can be compromised to include malware downloads and other security risks. Always carefully read and evaluate the provided text before making a decision. When in doubt - deny or cancel.
Watch out for spyware links
Any link promising to solve problems or make your computer faster for free, is most likely spyware
Don't just rely on your browser & antivirus software
Don't rely on your browser and antivirus software to protect you from malicious websites. Browsers only warn you about sites but cannot stop you from going there. Even if you have high security settings and anti-virus software, visiting a risky web site can result in viruses, spyware or worse.
Beware of windows or pages that prompt you to click a link to run software
Malicious web sites can create prompts that look like messages from your browser or computer. If you see a pop-up you think is risky, go to the company's web site for scans and downloads.
Don't provide personal information to get something free online
Criminals may use this data to break into personal or work accounts.
Scrutinize search engine links
When you use a search engine be very careful of the result you click on. Hackers use legitimate looking topics to trick you into clicking. Scrutinize the URL to ensure you are going to a legitimate web site.
Never trust free content
Free movie, music and video downloads often include pirated content and just as often this content contains viruses and malware.
Vary your passwords from site to site
When you use the same password across many sites it makes it easy for criminals to hack all of your accounts. Use more complex and varied passwords for sites with personal information such as banking sites.
Use a secure program to manage passwords
Some we suggest include LastPass or Roboform.