The Ultimate Guide to Safe Online BrowsingLast Updated by John Bennet on May 26, 2020
Table of Content:
- Choose the Right Browser Chapter 1
- Choose the Right Search Engine Chapter 2
- Best Browsing Practices Chapter 3
- Browser Extensions Chapter 4
- Use a VPN Chapter 5
- Avoid PUA’s Chapter 6
- Delete Delete Delete: Clean up Your Content Chapter 8
- Stay Safe on Your Smartphone Chapter 9
- Always Enable 2FA Chapter 10
- Never use Public Wi-Fi Chapter 11
- Get Creative with Password Management Chapter 12
- Avoid Applications Chapter 13
- Be careful Where you Click Chapter 14
- Bookmarking Chapter 15
- Always Keep up to Date with Updates Chapter 16
- Install the Best Anti-Virus Software Chapter 17
- Take your PC to the Doctor Chapter 18
- Use Blockchain Technology Chapter 19
- Don’t Sell your Data Chapter 20
- Browse and Post Less Chapter 21
- Summary: Safe Online Browsing Summary
The Dangers of Bad Browsing Habits
It is next to impossible to understate the importance of good cyber security habits. Not only are more assets and identities becoming digitalized, but people are spending an increased amount of time online. With the rise of virtual reality and augmented reality products, as well as wearable technology in general, people will be online nearly 24/7. What this means is that people are vulnerable to data hacks more than ever.
What is even worse, is that hackers are getting more creative in the types of attack they deploy Symantec have found an 8,500 % increase in crypto-jacking, where cyber-criminals use the host PC to mine cryptocurrency, instead of traditional ransomware techniques. The first sign that a desktop has been compromised is an incredibly high electricity bill, as cryptocurrency mining is very expensive.
Global cybercrime is estimated to cost $6 trillion by 2021. The reality is that security experts and groups are hard-pressed to prevent a new wave of cyber-crime attacks in a new era with more people online than ever before as well as new platforms for criminals to deploy new attacks. Cyber attacks are the fastest growing type of crime in the USA
And on the opposite end of the spectrum, companies like Facebook, Instagram, Twitter, Google, and Amazon are known for collecting user data that they should not have any access to. So regular internet users have to worry about both sides, centralized corporations harvesting data and cyber criminals installing viruses and accessing sensitive information. Companies are far more interested in making money than they are in protecting customer data.
Fortunately, there are a number of well established and simple techniques that could be used to drastically reduce the chances of a hack happening to you. Little to no computer knowledge is required, the issue is that people fail to take the basic security precautions necessary to ensure safe browsing online. If you are going to be online for the rest of your life, as many people will be, then it makes sense to invest in basic security protocols. Read on for the most useful and recommended 21 tips to ensure ultimate safety for online browsing.
1 – Choose the Right Browser
One of the first steps that you can choose is choosing the right browser. The safest browser at the present time is Tor, with its built-in security features. Tor actually doubles as a virtual private network. However, Tor can be quite slow, and there needs to be a mix between usability and security.
Aside from Tor, the best browsers are Mozilla, Opera and Brave. They have fewer associations with large corporations who have a tendency to harvest customer data. Chrome and Safari are to be avoided where possible, with Internet Explorer and Microsoft Edge the least safe. If you are using Chrome, Safari or Microsoft Edge, then it becomes more important to use a privacy based search engine or privacy focused browser extensions.
2 – Choose the Right Search Engine
Even if you select a safe browser, when you are running queries on the Google search engine you are still feeding data into Google, accused of illegitimately collecting customer data. There are a large number of alternatives available to users. Google market share has actually fallen in recent years and smaller search engines have come a long away.
Choosing a privacy based search engine is a crucial step in preventing Google from accessing your queries, which it tracks at all times. Typically, searches are encrypted, and search terms expire, and many have developed additional features for safe online browsing. Among the best privacy based search engines are:
3 – Best Browsing Practices
There are a number of minor but critical items to remember when browsing online. The main ones are to never leave your computer unlocked and to make sure that you only shop on secure shopping sites. Always check for the green padlock on all sites with the https sign. This means that the site is official and secure, and not a fake site which will collect your user name and password.
This advice is especially important when filling in credit card information or other sensitive data. It is also a good idea to clean your history, downloads and cookies as frequently as possible. This will speed up your machine while also leaving less information behind, which can often be tracked and monitored.
When browsing online, it is a good idea to keep your browser software up to date. Hackers often exploit old security vulnerabilities in browsers that have not been patched. And when you are using an application and any kind of software, always read the privacy policies. Theses can be quite lengthy. However, if people actually read the data that is accessible by these applications, they are far less likely to use them. Another tip for online browsing is to remove the autofill section for username and password.
4 – Browser Extensions
There are a number of additional extensions which can be used to make the browsing experience safer and easier. An ad blocker is almost essential, though good search engines and browsers will often include ad blockers in their services. Adblockers include AdBlock Plus, Firefox Focus and StopAd. You can also install VPN extensions which will hide your IP address, though a full VPN service is often a better alternative. Such extensions include Ghostery and Hola.
5 – Use a VPN
A Virtual Private Network (VPN) is without a doubt one of the best techniques to combat both hackers and corporations from accessing your data. A VPN changes your IP address and encrypts the connection when you visit sites. So a hacker who is listening in would have to decrypt the information. And central authorities would not be able to track you using your IP address. Good VPN providers will delete logs promptly or will not keep logs at all, depending on the jurisdiction. The best VPN providers include:
6 – Avoid PUA’s
A potentially unwanted application (PUA) is a program the user downloads that turns out to have unwanted side effects. These are not considered viruses or malware. An example is a free software application that promises to protect your computer against viruses, yet it changes your default search engine and it is difficult to change it back. Additionally, they can take up significant system resources.
The fact is that a lot of free applications can turn out to be PUAs. Only download reputable applications and programs with a high rating that have stood the test of time. It can be useful to stick with a few high-quality programs instead of using various extensions, addons and anti-virus programs. So don’t download PUA’s that say they are going to improve safety or speed, as they can often do the opposite. Stick with well known and high-quality services.
8 – Delete Delete Delete: Clean up Your Content
Many people post way too much stuff, on far too many sites. People have now become content creators. But on the internet, things stay there forever, unless you delete them. And sometimes, even cached pages can be found on Google. YouTube, Facebook, Twitter, and all of the big social media sites offer the capability to clean up your data from previous posts and images. Run through your history and see if there is content that you are not satisfied with. And then simply delete it.
People are actually more in control of their data than they realize, it’s just they never bother to go to the trouble of actually deleting and managing it. For example, it is entirely possible to delete all Facebook data. When you delete it, it will take 90 days to be removed from Facebook servers. You never know when somebody might tie something back to you online and a data cleanup is good every once in a while.
You may also want to visit forums where you have posted and review your content, as well as unsubscribing from as many email lists as possible. You can take a day where you do a complete data reclaim across all sites. It is very easy to do and does not take that long.
9 – Stay Safe on Your Smartphone
Many people make the mistake of securing their home computer or laptop only. This can be a big mistake for many reasons. Smartphones are even more vulnerable than personal computers. They are taken on the go and connect to various networks. Each time you connect to a network with a device, your chances of being hacked increase.
You can further strengthen smartphone browsing safety with a high-quality Android or IOS VPN to browse on the go. There are a number of smartphones coming out with a focus on security, which could be a good investment. Like a computer, put a code on your smartphone and make sure it is not unattended.
Over 28% of US residents do not even lock their screens, according to the Pew Research Center. According to the same research report, only 40% updated their phones when updates were available. It is doubly important to update to the latest OS in terms of smartphone security, though users can be frustrated with the constant updates on Android and other operating systems.
10 – Always Enable 2FA
Two Factor Authentication (2FA) is one of the most important security precautions to take when browsing online. Even if you take all the security measures, there is still a chance that your username and password could get compromised. Hackers are creative and innovative in many ways. But with 2FA, even if a hacker does gain access to your online shopping account or your email, you are still safe.
With 2FA, a code is sent to your smartphone every 30 seconds. You need this code to log into your account. So when a hacker has your username and password, he won’t be allowed to log in to your account because he won’t have the additional code that changes every 30 seconds. Whenever you use a new browser or login from a new IP address, you will be prompted to insert a 2FA code. The best and most popular 2FA application is Google Authenticator. It is available on Android and IOS. You can connect many websites to your 2FA account.
11 – Never use Public Wi-Fi
Hackers have set up fake Wi-Fi hotspots with names like “free public Wi-Fi”. When you log on to their network, your data is theirs. Make sure the network you are logging into is authentic, and only shop and browse on reputable sites when on the go. When you log on to a fake network, the amount of data that a hacker has on you is scary, including previous locations, passwords, usernames, bank account details and more.
But it is even better to go one step further and simply never use Public Wi-Fi. Hackers are known to target public Wi-Fi because it is far more profitable to hack a network that hundreds of people use every day as opposed to private networks that few people use. Using basic hardware, all visitors on a public Wi-Fi can be redirected to a different network. All phones and smartphones that connect to the network are compromised. And users are far more likely to connect to a network called “McDonalds” or “Starbucks”, where they can easily be redirected to a page looking official but being nothing but a hacker’s network.
12 – Get Creative with Password Management
If you use one password on 20 different sites, then the odds of a hacker gaining access increases by a factor of twenty. But if you use 20 unique passwords, then the hacker will only have access to one site. So it is important to use strong and unique passwords where possible. Security experts have consistently identified strong and unique passwords as the number on technique to safe online browsing.
Remembering various passwords and usernames can be a difficult task. Which is why it is best to use a high-quality password manager. These password managers will store each unique password and username for each site. This will keep your credentials secure while also enabling fast login times. There are a number of high-quality password managers available. For additional protection, enable 2FA with the password manager itself, to ensure your primary password sites is not compromised.
What you can also do is self-encrypt your passwords. There are multiple ways to do this. You could assign every letter a value of +1, so a means b, and b means c. Then you can record your passwords in a file locally on your computer. Even if it gets hacked, the hackers will not understand. And most sites only allow 3 attempts before lockout and email verification.
13 – Avoid Applications
Many smartphone applications have access to far more information than is necessary for their functioning. According to a Pew internet project study, 54% of application users decided against the installation of an application when they realized how much data was required to use it. 30% of application users uninstall an application when they are shown how much data it is collecting.
Another study found that 18% of applications had access to personal contacts and 42% of applications that send data to third parties actually failed to encrypt the data. So illegally obtained information is being sent that could potentially be hacked by other third parties. And an astounding 41% of applications can track the location of users, even when running in the background.
In 2016, 1.3 million Google accounts were compromised through the use of Android applications. Android ransomware jumped 138% from Q1 to Q2 2017. If you have an Android phone, it is best to take precautions before downloading applications and browsing online. While Android is the most heavily affected, smartphone security is becoming a priority. And the idea that IOS is not vulnerable to malware is simply not true. It has seen a drastic increase in the number of malware incidents, but the market is not as large for Android, which is free and with over a billion users.
Most applications will ask for access to the camera and user contacts, even if the application has nothing to do with the camera or personal contacts. So limit mobile applications where possible, with the possible exception of a high-quality mobile VPN.
14 – Be careful Where you Click
As a general rule never run executable files. These will end in an .exe extension. You could be giving a virus permission to run its malicious code on your machine. Links that are given through direct messages could be redirects to a malicious site. If you suspect any form of attachment, do not open it.
Think before you click on any link, and be careful what you click on. Many direct message links and email links can be phishing scams. So the URL will look very similar to the typical link but will in fact be a fake site that will scrape your username and password. An example would be www.gmaial.com instead of www.gmail.com. Phishing scams are increasingly common as they are easy to perform, and the victim is willingly giving their username and password away. But again 2FA can mitigate this problem to a large degree.
15 – Bookmarking
This is a very simply and effective tool for safe online browsing. And it requires little technical skills. The most common scam today is the phishing scam, where people set up fake websites that look similar to the official website. For your most commonly used sites, it is best to find the official site, with the green padlock and the https sign in the URL, and store it in a bookmark folder in your browser. When you need to access it again, then you will have the real URL. Not only will this make your browsing experience safer, it will also make it much easier and enjoyable.
16 – Always Keep up to Date with Updates
The primary purpose of updates is not just to add new and improved features. It is often to perform security patches. A large percentage of currency hacks are due to unpatched vulnerabilities, sometimes years old. For example, Operation Prowli targeted a four year old vulnerability in servers running HP Data protector over port 5555. And WordPress sites are continually targeted due to old security vulnerabilities.
So whether it is Windows, Mac or Android, be sure everything is up to date. System updates can be an annoyance, but they are a necessary evil. And sometimes, if you do not update your device or software, it will not function correctly. Updating your system will also have the added benefit of increasing the speed of your machine.
Also, older versions are more likely to have specific viruses that target that specific OS. This is why Windows is so much more vulnerable to hacks than Mac OS. The majority of viruses were created with Windows in mind, especially since most corporations run Windows. Mac OS is more recent. The same pattern can be seen in mobile operating systems. The older the version, the more likely it is to have a virus targeting it. On the other hand, newer versions could have security vulnerabilities that have not yet been found, so it can be a tradeoff.
17 – Install the Best Anti-Virus Software
Good quality anti-virus software can also serve to block ads on your computer, which are something of a menace when browsing online. Adaware is a new form of anti-virus software that is cheap, easy to use and effective. It protects devices from malware, viruses, spyware, phishing, ads and online scams. Adaware also runs smoothly in the background and requires minimal computing resources. It is best to avoid free anti-virus programs. They will either be aggressive with ads for a paid subscription, steal your data or install some malware. They all have to make money somehow.
Additionally, your anti-virus needs to double as an anti-spyware. Anti-virus protects from viruses that could potentially destroy your files, corrupt data or take information. Spyware includes keyboard loggers and trojans that take information with regard to passwords and usernames. High-quality anti-virus software usually performs both duties.
The best anti-virus programs include Kaspersky and Norton Anti-Virus. In fact, a recent cryptocurrency mining virus (WinstarNssmMiner) targeted computers and installed itself based on what type of anti-virus program was in place on the host OS. If a high-quality anti-virus program was installed, such as Norton, Avast or Kapersky, then the virus would not even bother operating. But it would continue to work if a lesser quality anti-virus program was in place. In other words, there is no point using a lesser quality anti-virus program, as they are usually not very effective.
18 – Take your PC to the Doctor
At least once a year, a desktop computer or laptop should be taken to a specialist and cleaned as much as possible. There are a wide variety of viruses and malware that can infect a computer, from a range of different sources. You can have all the online browsing habits and techniques in place, but they will make little difference if your device is already infected. A complete clean can be the best thing to do initially, before adopting good online browsing habits.
Key logging software could be tracking every letter that you type. The best way to rectify this is to take your PC to a PC doctor. Alternatively, you can look online and do a Windows system restore, which takes your computer back to a previous point in time. This is very effective, as it will remove any viruses you picked up in the past year or two, depending on the reset point. This will also remove everything else you installed, downloaded or saved in the past 1-2 years. So make sure you backup everything important to a USB before completing the system restore.
19 – Use Blockchain Technology
Blockchain technology has the potential to completely disrupt many segments of the economy. And one of these segments is online privacy and safe browsing. Decentralized browsers are on the way and Metamask.io is a bridge to the decentralized internet, enabling users to dun DAPPs in their browser. Projects like Ethereum and Tron are seeking to decentralize the internet so that Google, Amazon and Facebook do not hold all of our data in centralized servers.
Additionally, there are a number of ICO projects that are aiming to change the industry. Liberdy.io is a GDPR compliant technology that is putting users back in control of their data. The application will enable users to extract the data that they currently share with the likes of Google and Amazon. Users can select which data they wish to share, and the application encrypts and depersonalizes the data, so it cannot be used for nefarious purposes.
Advertisers will have to buy the data directly from the user. What is happening at the moment is that Google and Facebook are harvesting our data for free, and then selling it to advertisers. This technology is cutting out the middle men, and in the future, there will be many blockchain applications they will help ensure safe online browsing.
20 – Don’t Sell your Data
A surprising percentage of people are comfortable giving away vital information in an era where such data can easily be misused. According to one website, 16% of US adults are willing to share their online habits for a better browsing experience. Essentially, this means that simply for faster times and a more interactive show, US adults are fine with giving away their data.
Additionally, 66% of Americans will give companies personal information in return for better products and services. But there is no need to give companies more information than they should have, and no need to sell data for a more enjoyable experience. Take back as much information as possible and try to prevent companies from collecting your vital information.
21 – Browse and Post Less
One of the best ways to stay secure when browsing online is to spend much less time actually browsing online. At the very least, be very careful what you post and what you search for without a high-quality VPN, as much activity is monitored or records, and much of the rest is liable to viruses and hacked.
By limiting exposure to social media and to technology in general, you limit the amount of data corporations can harvest and the number of hacks you can be subjected to. Data that is not online cannot be hacked. The internet is a giant network where hackers search for data.
Summary: Safe Online Browsing
A security report has queried a number of security experts and generated an interesting table on best advice for non-tech savvy users. In terms of account security, the top three precautions that are to be undertaken are using unique passwords, using strong passwords, and using 2FA. Using a password manager follows shortly after.
In terms of browsing habits, the most important points are to use HTTPS and to check the URL for the green padlock. Being careful where you click was another important factor. The most important security precaution identified by the report was to update as often as possible, so security vulnerabilities are patched. Not opening email attachments was also mentioned. It is helpful to note that the most important security precautions are all relatively easy to complete, yet so few people pay attention to them.
It is helpful to remember that usually the hacker needs to get you to download a virus or click on a link or attachment in order to access your computer or sensitive data. So simply being careful and aware of the dangers can go a long way towards a safe online browsing experience.