Since the evolution of the internet our lives have been changed in ways that many could never have predicted – We are now able to read the news, enjoy entertainment, carry out research, network, book holidays, buy, sell, study, manage finances and much, much more. Yet there are many dangers lurking on the internet, for all of us. Not least of these are malicious websites or inadvertent disclosure of personal information via various scams.
The Danger
Visiting unlawful, malicious or inappropriate websites could result in fraud, from fake websites (commonly shopping, banking, charity, dating, social networking, gaming, gambling sites). You may also encounter spyware and viruses (collectively known as malware).
Copyright infringement is a common pitfall too. With many people copying or downloading copyright protected software, photos, videos, music or documents. Phishing is designed to obtain your personal and/or financial information and possibly steal your identity. And it is possible that you, or your children, will be exposed to unexpected inappropriate content.
Your browser (for example Internet Explorer, Opera, Chrome, Safari or Firefox) will record which sites you have visited in its ‘history’, every time you use the internet. Your Internet Service Provider will keep records of your internet usage too, in accordance with legal requirements.
Online Safety
Malicious websites are very common, and it is not difficult for a skilled developer to build a convincing fake website in very little time at all.
How to avoid criminal, malicious, or inappropriate websites:
- Use your common sense and listen to your instincts.
- Always look for an address, phone number and/or email contact, or other indications that the website is genuine. Sending an email or calling to establish authenticity is a good idea if you are not sure.
- Check that the website’s address for subtle misspellings, extra words, characters, or numbers. It may have a completely different name from that you would expect the business to have.
- If you roll your mouse pointer over a link it will reveal its true destination, displayed in the bottom left corner of your browser. If this is different from what is displayed in the text of the link, beware clicking on that link.
- Secure websites will show a padlock icon in the browser window or ‘https://’ at the beginning of the web address to signify that it is using a secure link. If there is no padlock - do not enter personal information on the site.
- Often malicious websites will request more personal information than you would expect to give, such as username, password, or other complete security details. These questions could indicate that a website is malicious.
- By checking the address in your browser’s address bar after you arrive at a website to make sure it matches the address you typed you can avoid ‘pharming’. Even though you entered the address for the authentic website you could inadvertently end up on a malicious one – for example if you type ‘eebay’ instead of ‘ebay.
- Do not make snap investment decisions, seek advice if you are not sure. Many malicious sites hype investments for high or fast return. Often in shares or sometimes other commodities like vintages wines, whisky or even property – these are sometimes completely fabricated and fraudulent.
- Be careful of websites which promote schemes that involve receiving money for other people or advance payments, or sometimes the recruitment of others.
- If you suspect a website, do some research to see if you can find out anything else about the business/company. Are there reviews or articles about them?
- Unsolicited emails from strangers may contain links to malicious websites, so be careful what you click on.
Making Sure a Website is Secure
When entering private information such as passwords or credit card details on a website, you should ensure that the link is secure by:
- Look for the padlock symbol in the browser window frame that appears when you attempt to log in or register. If the padlock on the page itself, it is probably a fraudulent site.
- The ‘s’ stands for ‘secure’ in a web address and so it should begin with ‘https://’.
It is important for a website to carry a digital certificate issued by a trusted third party such as VeriSign or Thawte, to demonstrate that the information on the site has been encrypted and therefore is protected from being intercepted and stolen.
You should also need to carefully check the webpage address to confirm authenticity. It is still possible for the owner of the website to not be who there say they are even with a certificate.
The Extended Validation (or EV-SSL) certificate indicates that the issuing authority has conducted checks into the website owner. By clicking on the padlock symbol in the browser frame you can find out what kind of certificate the website is using.
It is important to remember that the padlock symbol does not reflect the website owner’s IT security or ethics.
Understanding Cookies
There are files on your computer, smartphone and tablet that websites use to store information about you between sessions, these are known are Cookies. They run simple tasks to help when logging in to websites that you have already visited and remembering details, so you don’t have to keep filling in the same forms. Some are used to track your browsing habits and then tailor advertising to you. Sometimes these are used illegally to collect data on you to be used in scams and criminal schemes.
- You can set your browser to warn you when a cookie is installed. Some websites do require cookies to run.
- Some browsers will give you more control over cookies than others, so check to see if yours will enable you to disable cookies on a site-by-site basis.
- An anti-spyware program will let you scan for so-called tracker cookies.
- Cookie management programs can help you with a many of the problems that cookies potentially cause.
- Using plain text in your emails, instead of HTML email can help you spot anything hidden in the code.
- In the UK websites need your permission first to use cookies.
Browsers
All the most common browsers will have their own security settings so it is a good idea to familiarise yourself with the features of your own particular browser’s default settings. You should set up to reflect a level of security that you feel comfortable using.
Internet Explorer, Chrome, Opera, Safari and Firefox are the most well known and used across the world and are a good place to start.
Some browsers have a feature which identifies fraudulent websites automatically.
Keep your browser and security software updated and download the latest versions that you can access to make sure you are as safe as you can be from new threats.
Deleting your browser history or by using private modes you are only preventing other users of your device from seeing the websites you have visited.
Internet service providers, search engines, law enforcement agencies and possibly your employer (if using a work computer),will still be able to see which sites you are visiting and which keywords you have used.
Also always remember that closing a browser does not log you out automatically. You should always log out before closing the browser down.
It’s important to keep your firewall and anti-virus always running to prevent anyone accessing your network with malicious software.
What to do if you encounter something illegal
- If you come across any material that you believe maybe illegal, such as child abuse, you should report it to: IWF: www.iwf.org.uk.
- If you come across racist or terrorist content, you should report this to the Police.