Safe Browsing Habits 101


I’ve found that when I say “practice safe browsing habits” many people have no idea what I’m talking about. This is an unfortunate truth in our world, and I hope that by writing this post that I can help to educate some of you on how to stay safe on the Internet, so that more people will know and practice safe browsing habits.

I’ll break this up into categories. This will be an ongoing and updated page as I think of more tips to list here. I encourage those who read this post to submit your own tips in the comments for inclusion in the list if I’ve missed it, share your stories about what happened because you didn’t practice safe browsing habits, to share this link with your friends and family, and to give your opinion of this post and it’s content.

General Internet Safe Browsing Habits

  1. Always check the address bar at the top of the screen to ensure you’re at the official website, and not a carbon copy of the website you think you’re at, hosted at a different address.
  2. Always look for the little yellow padlock and the letters “https” rather than “http” when signing into an online account or making online purchases. This means that information you provide, such as your name, address, and credit card information, is being encrypted on it’s way to the web server that hosts the website you’re buying from. This is important because this information crosses many public devices before reaching its destination, and a man in the middle can access this data if it’s not encrypted.
  3. Avoid shady sites which promise offers too good to be true such as: free electronics, free software that you normally have to pay for, pirated software, nude celebrities, and the list goes on.
  4. Use a tool like AVG’s LinkScanner, which scans each page you visit before allowing you to visit it, preventing drive by downloads or malware installation scripts from infecting your computer.
  5. Install Anti-Virus software. I prefer AVG, but there are other providers out there as well. It’s up to you to get the lowdown on each and make an informed decision as to which product to use. If you trust my judgment and technical knowledge more so than your own when it comes to this subject, pick up a copy of AVG Free. If you find yourself impressed with the free version, you might consider springing for the paid version, it has a lot of great features the free version doesn’t.
  6. Always keep in mind that your Anti-Virus software is not a get out of jail free card to do whatever you like on the Internet and not get a virus. If you do not practice the safe browsing habits listed here, along with some good ole’ fashion common sense, in conjunction with your AV software, then you may do something which circumvents your AV software’s protection (such as downloading and installing a virus yourself). Also, considering How Anti-Virus Signatures Work, you may not always be protected from all the latest threats as they occur (that’s referred to as a zero day vulnerability), but if you’re practicing safe browsing habits, you may avoid a threat that even your AV software couldn’t have protected you from.

E-mail Safe Browsing Habits

  1. Don’t open e-mails from people you don’t know.
  2. Don’t open e-mail attachments from people you don’t know.
  3. Beware of e-mail attachments from people you do know. If the e-mail said nothing about an attachment or you weren’t expecting one, get in touch with the person through some medium other than e-mail and find out what’s in the attachment, and make sure they sent it. It’s common for some worms to e-mail themselves to people in your contact list, so don’t automatically trust it just because it came from someone you know.
  4. If opening e-mails from people you don’t know is a necessary evil (business e-mail, customer service, etc), or you’re just one of those people who lets their curiosity get the best of them, then consider using a virtual machine to open e-mails. Windows Virtual PC is a free download from Microsoft and will allow you to install any Windows Operating System inside a virtual environment separate from your Windows Operating System currently installed on your computer. So if you do get a worm, only your virtual pc is infected. It’s much easier to replace a quick virtual machine install that you only use to open e-mails rather then your entire OS and all the applications you installed on it.
  5. Don’t pass on “chain letters” or forwards, at least not messages that have no informative value. It may seem harmless, and I’m not really sure what people’s motives behind starting them are, but the end result is a lot of useless Internet traffic which has to be processed before real e-mails and requests for web pages can be processed. It seems so innocent, how could forwarding one little chain letter hurt anything? Don’t forget there are millions of other people around the world doing the same thing, all that useless traffic adds up. Not to mention that they’re annoying and personally I question a person’s reliability if they forward me bad news or even worse, a message that just says I’ll have bad luck if I don’t pass it on. I have broken many chain letters in my time, and I assure you no ghost is going to kill you, and you’re not going to have bad luck, so break the cycle and don’t forward spam.
  6. If you don’t want to part with thousands of dollars of your own money, getting nothing in return, then trash those generic e-mails from random foreign guy, who needs an American citizen to set him up a bank account in the US for whatever contrived reason, and will split the millions he saves by doing this with you, but somewhere along the line needs you to wire him a large cash sum. You’re not investing in your future, you’re giving your money to a con artist.

Social Networking Safe Browsing Habits

  1. Be careful who you add as a friend to your social networking account. Day in and day out you probably post personal information such as names of people you know, where you work, where you’re currently at, what you’re doing, etc. Not to mention other personal information is littered across the site, potentially phone numbers, addresses, where you go to school, where you work, etc. This information can be used against you in many different ways, (such as how personal info is often used as security questions for online accounts to reset your password) so be careful who you grant access to your social networking account.
  2. Keep a close eye on what applications you add. There are many applications on social networking sites like Facebook, Myspace, LinkedIn, etc which enhance our social networking experience. What we often don’t consider is what kind of privileges we’re bestowing to the people who wrote the software. Just as programs you install on your computer can do malicious things, apps you add to your profile can do malicious things as well, or in the very least unexpected things. Things like giving programs the ability to post to your profile without needing your approval, giving apps access to information about you on your profile that they don’t necessarily need to know to perform their intended function, and just generally giving these apps access to a lot of information about you and a lot of privileges on your page that you don’t necessarily want someone else you’ve never even met to have.
  3. Watch out for strange messages from your friends which are full of bad spelling and grammar, and contain links to external pages (youtube is a popular scapegoat, but any page could be used). Even if your friend isn’t exactly a Harvard professor, bad grammar and spelling in messages is often a tell tale sign of a malicious or spam message that your friend didn’t really write. There are worms and other malware, a prime example being the Koobface worm, which spread fake messages asking you to check out a video in a link, or some other action. The link actually leads to an attack site where a script will try to install malware on your computer. Not exactly the gold you were expecting at the end of the rainbow, huh?

18 Responses to Safe Browsing Habits 101

  1. Nancy Lopez says:

    I have my AVG anti virus and it work charmly

  2. malefactor18 says:

    Glad to hear it Nancy, thanks for the feedback. Just remember to use safe browsing habits along with your AVG anti-virus for the best results when trying to stay safe online.

  3. Trish Cook says:

    I accidentally set my AVG to update once a week instead of daily (don’t ask how, I don’t have a clue). I picked up koobface and that was sooooo hard to get rid of. Took me literally a week. I don’t think enough emphasis is being made on updating DAILY.

  4. malefactor18 says:

    Thanks for the feedback Trish. You are correct, you should update daily. If you go to the AVG user interface, click “tools” on the toolbar at the top, then “advanced settings” and go to “schedule” in the list to the left of the advanced settings page, then choose “program update schedule” you can find your update schedule there. Note that by default it is set to update daily at 8AM. You can even set it to run every few hours.

    The focus of this blog post is more on the human side of security, using your own knowledge and common sense to avoid problems, rather than relying on technology to protect you completely, because it won’t. I did mention installing AV protection, because that is a good decision for any person to make. I also mentioned still being careful about what you click on even with AV software because you can do things to circumvent it, and tricking people, rather than trying to trick the software, is the latest trend in malware because so many people don’t know or don’t care about cyber security and staying safe online, so they are easier targets than their AV software. I hope to change that at least a little with this blog post.

    As I mentioned, this is more geared towards using safe browsing habits to avoid infection rather than your AV software, such as the koobface worm, if you had questioned why you were getting this random link to a video (or whatever the bait to get you to click was) with what was most likely garbled grammar and bad spelling, you wouldn’t have followed the link and wouldn’t have been infected. In fact, even if you had updated your AVG, there is a good chance you would have still been infected after clicking on the link. I’m not trying to scorn you, just demonstrate the value of practicing these safe browsing habits.

    You have given me an idea for my next post, correctly configuring and using your AVG Anti-Virus. Thanks again for the feedback, I really appreciate it.

  5. [...] This post was mentioned on Twitter by MinnDak Computers. MinnDak Computers said: Great blog on safe surfing! http://zacharychastain.wordpress.com/2010/05/03/safe-browsing-habits-101/ If you like… http://bit.ly/dtpEKg [...]

  6. texastudors says:

    One other suggestion for everyone is to download MALWAREBYTES–it is Free from CNET website. It is fantastic! It caught Trojans that Norton Anti-Virus did NOT catch.
    I also use AVG–it is Free also and works great.
    Another fantastic Free program is CCLEANER–from CNET. It cleans out the temporary internet files, and cleans up your registry to make your computer work more efficient.
    SAFE SURFING TO YOU.

  7. malefactor18 says:

    That is a great suggestion. Malwarebytes has always served me well in my endeavors to help people on the AVG Facebook Page. It’s got a great scanner and does a wonderful job of removing malware that gets past AVG. It seems that a lot of people use the AVG and Malwarebytes combination. I’ve never experienced or heard of a compatibility issue between the two, so I would certainly install Malwarebytes as well.

  8. [...] for your own actions and your own security. I recommend getting started by learning some safe browsing habits. You can’t leave all your security up to someone else, and you certainly shouldn’t [...]

  9. [...] fits the method of operation for hackers trying to spread malware. As I’ve mentioned in my safe browsing habits blog post, you should never download software to view a video. If it says you need to update a program you [...]

  10. Terri Chastain says:

    I have gotten pretty good at spotting would be scammers and realizing what to open/download on-line. I usually go with my gut “if it doesn’t seem right leave it alone” and when in doubt ask my IT guy…maybe you know him…Zach Chastain! Thamks for all your computer help/advise around here. Love you bunches!! Mom

  11. [...] may be a party to. This in turn provides AVG with more valuable information than the average user practicing safe browsing habits could provide, because the average user would not encounter as much malware as the typical software [...]

  12. [...] may be a party to. This in turn provides AVG with more valuable information than the average user practicing safe browsing habits could provide, because the average user would not encounter as much malware as the typical software [...]

  13. dpeach says:

    I taught a lecture at work on this one time. I told the class to never open email attachments. If there was ever a time that they had to open one because of work or something like that, then they should go visit a friend and check their mail on their friend’s computer. :-)

  14. Вибропогружатель свай says:

    This was a nice article to read, thank you for sharing it.

  15. Lowes Admin says:

    I’d perpetually want to be updated on new articles on this site, saved to fav! I enjoy looking at this website and I think it’s got some really useful stuff on it! .

  16. [...] in your AV software will protect you from these threats. The best defense against these threats is safe browsing habits and educating yourself on the types of threats that are out [...]

  17. I need u you block all her usage and access to facebook she is using facebook to talk to older men and rrying to runaway. please block her page immediately

  18. Dani says:

    Hello! I’ve been reading your website for a while now and finally got the courage to go ahead and give you a shout out from Porter Texas! Just wanted to say keep up the good work!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: