Copy
Webdancers

CautionI like to answer questions from readers and this was a good one:

For a long time, we've been told to look for https: vs. http: in the URL as an indicator of a secure site. Everybody now seems to have https: - even sites which McAffee or other security programs flag as having suspicious content. What is the way people can now look for indicators that a site is (more) secure?

First of all, let’s be clear about what https does for a website. It encrypts the connection between the web browser and the server. This prevents any of the information coming from the website from being intercepted or changed. It does not prevent a website from delivering malware or trying to persuade users to hand over personal information (phishing). So, to answer the question, how can you know that a site does not contain suspicious content?

The short answer is, most sites don’t contain malware. If you try to go to one that does, ideally you’ll be warned away. Failing that, you want to have systems in place on your computer that prevent an infection from happening.

Warnings come from various sources. Both Google Chrome and Mozilla Firefox have built in support for Google’s Safe Browsing service. This service puts a big red warning screen in front of suspected sites. Google’s Transparency Report describes it like this:

Google’s Safe Browsing service examines billions of URLs and software and content on those pages in its search for unsafe websites. Safe Browsing then warns users when they navigate to websites that could steal their personal information or install software designed to take over their computers. Every day, Safe Browsing discovers thousands of new unsafe sites. Many of these are legitimate websites that have been compromised by hackers. Unsafe sites fall into two categories that threaten users’ privacy and security: phishing and malware.

Microsoft Edge and Internet Explorer include a similar service called SmartScreen. Microsoft claims that their service is more effective than Google’s, detecting 99% of Socially Engineered Malware (SEM) and phishing pages.

A 2016 article on HowToGeek.com titled Don’t Use Your Antivirus’ Browser Extensions: They Can Actually Make You Less Safe suggests that the best protection is built in to the browser.

So whatever antivirus program you use, don’t install the browser extension. If you already installed it or weren’t given a choice (many install their extensions by default), visit the Extensions, Add-ons, or Plug-ins page in your web browser and disable any extensions associated with your security suite. If your antivirus program has some sort of “browser integration” that breaks the way basic SSL encryption is supposed to work, you should probably disable that feature too.

Other steps for browser security

Keep your browser updated. Chrome and Firefox have automatic update enabled by default and the security benefits are worth leaving them this way. Edge and Internet Explorer rely on the Windows Update system, so make sure that this is either set to automatic or that you update regularly.

Use an anti-virus program with real time scanning. These should prevent malware from running or being installed, even if you visit a malware infected site. Choosing anti-virus software is a topic unto itself and several independent sites, such as AV-Comparatives, provide good testing data and selection advise.

Install a content filtering (ad blocking) extension. These programs operate by blocking the code downloads that enable ads to track you across the internet. These downloads aren’t usually malicious but can have a severe impact on browser performance and data usage. I recommend the open source uBlock Origin. To download and install, search for the correct version for your browser.

Prefer secured websites. While they can’t prevent malware or phishing, an encrypted website is generally better than one that is not. The HTTPS Everywhere extension will automatically switch your connection to use encryption on sites where it’s available. Again, search for the correct version for your browser.

Stay safe out there

While there’s not much you can do about the proliferation of malware, once you start learning about how to protect yourself, your odds of staying safe go up. Stay away from obviously dodgy sites (cough-porn-cough). Pay attention to messages that come from your browser (they will be full screen, not pop-ups) and run an anti-virus program with real time scanning and you should be fine.

Until next week.
Twitter
Twitter
Facebook
Facebook
Google Plus
Google Plus
LinkedIn
LinkedIn
Website
Website
Copyright © 2018 webdancers, All rights reserved.


forward to a friend

unsubscribe from this list    update subscription preferences 

Email Marketing Powered by Mailchimp