The internet is a wide open space and, much like the real world, contains the greatest and the darkest of things. This blog will focus on the best browsing practices to protect yourself on the internet.
There are a thousand and one products out there that promise to keep you safe online, and they all work to varying extents, but the best protection is situational awareness and best practices. Much like you wouldn’t walk down a dark alley at midnight in the highest crime area of a city, you shouldn’t go wandering into the dark depths of the internet.
Be Safe On Social Media
Let’s start with best social media practices. It is best practice to not publicly post your information, but if you do, following these guidelines will help keep you safe:
- Double check your privacy settings. Are you sharing more than you think?
- Think before you post: Would you be embarrassed if this picture or post was viewed by your mother or your boss? If so, you probably shouldn’t post it.
- If you are going to be leaving on vacation, don’t post this type of information publicly. Criminals have been known to search social media to find targets to burglarize.
- Don’t “friend” strangers. Criminals have been known to friend people so they can view the information they post on social media. This information can help them steal accounts with easily guessed password-recovery questions.
- Be guarded with the information you post. If you see a survey full of personal questions like your mother's maiden name, first pet, first car, street you grew up on, first job, etc., don’t fill these out. These are all common questions used for password resets.
- If you are doing online dating, pick a random handle, not one you use anyplace else – and not your real name. You should also not post pictures with identifiable places where you commonly hang out. The internet has its share of creeps and this information can help them find you, especially in smaller communities.
- Talk to your kids about the safe use of social media. In this day and age it is important that they know how to stay safe online.
Another big one is, don’t download software from peer-to-peer or other dodgy sites. Software can be expensive but illegally downloading is not only illegal, it’s dangerous.
It is easy to add Trojan virus and malware to seemingly legitimate software. Sure, the latest version of Photoshop may work just fine when you install it after downloading it off the Pirate Bay but it is very likely you also just installed ransomware, and it will cost you more in the long run. Only purchase your software from legitimate sources.
Don’t open documents in an email, instant messenger or text message, unless you are expecting them, even if it is from someone you know. This is another large vector for malware infection.
Word documents, Excel files, PDFs and other files can contain what is called a macro virus. These are programs inside the files that can be used to install malware on your computer. Once an attacker infects a computer they will send out messages to everyone in the person's contact list with a virus attached. These have even been seen on mobile phones, mainly on Android devices, which for a variety of reasons tend to be the least secure.
Keep your browsing software up to date. Browsers have become much better at this, with Firefox and Chrome automatically updating themselves. To be on the safe side, go into the menu option and check to see if your browser is up to date. If you are an Internet Explorer or Safari user, be sure that you are installing all the latest patches from Apple and Microsoft. Older browsers often have vulnerabilities that can be exploited just by visiting a malicious website.
Use an ad blocker. There is a large overlap with ad networks and malware. This is often called malvertising. Malicious code finds its way into ad sites on a regular basis because criminals know that by compromising an ad site they will be able to infect a large number of browsers. If you block these sites you avoid the ads, and the risk.
Upcoming IT Workshops
Join us January 9-10, 2017, when the CCC Information Security Center and CCC Accessibility Center will present IT Security and Accessibility workshops at Evergreen Valley College in San Jose. The back-to-back workshop events are in-person and will focus on the top issues facing the California Community Colleges in the areas of information security and web and IT accessibility. Both the Information Security and Accessibility workshops are free to attend, but registration is required.
Jeff Holden is Chief Information Security Office of
the California Community Colleges Information Security Center