You might scrutinize every social media link, weigh the costs of using any USB drive and absolutely refuse to download any emailed attachment, regardless of its sender — but if you are still visiting websites wantonly, without considering their security, you aren’t nearly as safe as you might believe.
Though emails, social media and physical drives like USBs are still common attack vectors, they aren’t nearly as effective as they once were. Most victims are wary of emails, social media messages, and unfamiliar USBs, so malware distributed in this manner is finding less and less success. As a result, cybercriminals interested in getting the most bang for their buck have moved on — to infiltrating websites.
This isn’t to say that you should abandon the Internet whole-cloth. Rather, you should be more careful about where you travel around the Web and what you click on. Here’s a handy guide to help you navigate the new, malware-laden Internet with safety.
Use Security Software
You use apps and programs to make every other task easier — why not use security software to keep you from venturing to dangerous corners of the Web? The Internet protection tools scan web pages for known malware and stop you from visiting compromised sites.
Many also offer useful features like email scanning, password management, parental control, and social media protection. The software is by far the easiest and most effective way to stay safe online, so you shouldn’t scoff at investing in a trustworthy tool.
Optimize Your Browser
To review what security features your browser has available, you should navigate to the privacy and security section of your browser settings — or else download a browser you know puts security first.
How often have you tried to navigate to a familiar website — perhaps Facebook.com — and mistyped the address by mistake? You didn’t want to travel to Faecbook.com, but you hit “enter” without thinking about it.
Fortunately, most major websites have purchased common misspellings of their domain and created automatic redirects to the correct location — try visiting Googel.com, Gogle.com or Gooogle.com.
However, not all websites have done this, and hackers often capitalize on these seemingly small mistakes, purchasing similar domains and imbuing them with the worst malware imaginable. Before you hit enter in your URL bar — and before you click on any link — inspect the URL to be sure you want to visit that precise page.
Look for the Lock
Relatively recently, most web pages migrated from old and insecure HTTP to super-fast and super-safe HTTPS. This newer protocol encrypts online data, so you can be certain that any information you input into these web pages wil
l be kept out of hackers’ clutches. Because HTTPS is so superior to its predecessor, most browsers are making it easier for users to identify HTTPS sites: Next, to the URL bar, you should find a lock icon to indicate encrypted web pages.
If you don’t see a lock, you shouldn’t enter any personal information — and you should probably navigate away as fast as possible.
Investigate the Site Owners
Any legitimate website should have a page full of contact information, to help you get in touch with the person or business running the site. The availability of this information should instantly reassure you; hackers rarely bother to fabricate a site in such detail, much less truly provide their phone numbers and addresses. However, if you can’t find any contact info, you might use a website like Whois to look up who owns the domain, when and where the site was first registered and how you can contact them.
Bookmark a Website Safety Checker
Whenever you find a suspicious website, you might run it through a website checker, just to be certain you are safe. If you have an Internet security suite installed, this is an unnecessary step because your security tool should perform this test automatically. However, until you invest in Web security software, you can use a free online website checker. Ideally, the checker you bookmark will be from a trustworthy source, like Google or a recognized Web security company.