Are You Really Being Secure Online?
May 2017 Volume 12 Issue 05
From the desk of Thomas F. Duffy, MS-ISAC Chair
Browsing the web and interacting with websites in a secure fashion is immensely important in today’s connected world. Everyday things like online banking, shopping, and submitting your taxes involve sharing financial and sensitive information online. This makes browsing securely something that everyone should consider more closely. Below we will explore some ways to connect to the Internet and browse websites securely, as well as how you can double check that you are being secure.
Use a Secured Wi-Fi Network
Wi-Fi access is widely available, but many of the free connections are to unsecured public Wi-Fi that will leave your information traveling openly! On an unsecured public Wi-Fi network, cybercriminals can easily access the data you are transmitting due to the fact that your information is not encrypted.
A more secure public Wi-Fi network requires a password or credentials to gain access that is provided by someone acting in an official capacity for the local business and the use of encryption. When looking for an available and more secure wireless network, you will see ones using encryption marked with a small lock symbol next to the name of the network. Some hotels and shops that provide free Wi-Fi to customers provide access to their secure networks by providing you with credentials or an access code when checking in, making a purchase, or on request.
How do you know the Wi-Fi network is one you should trust? Ask someone who should know – the hotel concierge, the barista at the coffee shop, etc. There are no rules about naming your Wi-Fi network, so many Wi-Fi networks run by malicious actors use names that you expect to trust. Ask - don’t trust the name!
If you opt to use a public Wi-Fi connection, make sure you understand the risk – others may be able to see what you do. Keep this in mind and do not conduct sensitive transactions or log in using your credentials on any sites. Not all apps and sites support encryption and other good security practices, which leaves you much more open to many types of cyber-attacks when on a public Wi-Fi connection.
Secure Your Information in Transit
Keep an eye out for that little lock icon on your browser, or the “https” in the URL! Sites that are taking security seriously will encrypt the sensitive information you are exchanging with the site. This is a strong way to ensure that your online activities like shopping or submitting personal information are protected.
The small lock icon or “https” at the beginning of the URL are indicators that encryption is currently in use. The lock icon is commonly found in the address bar on the most popular browsers, including Chrome, Firefox, Safari, Edge, and Internet Explorer.
Verify the Website
When you are looking for information or products online, make sure you are on the website you intended to visit, or are going to the correct site.
One particular sneaky technique used by cyber criminals is called typosquatting. Typosquatting is when someone purposely owns a website that is similar to a trusted website but with a typo in the address. For instance, the website “thisissafe” might be trusted, but the website “thisisafe” could be a malicious website using typosquatting. People are often linked to these incorrect, but very closely named websites through phishing emails sent out by malicious actors. Many websites look the same, and sometimes criminals or other unscrupulous folks use the names and logos of trustworthy companies to mislead you. In some forms of attack, a user being led to a false, but convincing copy of a known website will be prompted to enter their legitimate credentials, which are stolen by the malicious actor who set up this ruse.
A good practice is to not click a link that is provided in your emails and to instead go type the intended website’s address directly into your browser to ensure you get to the right place.