Every day we get to hear about new vulnerabilities and online hacks. Hackers are preying around to steal your crucial data. The most recent hack was of XDA-Developers forum. Though no user details were compromised. Android smartphones are already suffering from different vulnerabilities. And, we all are fighting a never ending war to protect our privacy online. So, among all these cyber hassles what can you do to protect data? What can an average Joe do? Well, don’t panic. We have you covered.
In the past, we had shared some extensions for secure browsing on Chrome. But, here in this guide, I’d like to go a little broader. I’d like to explain to you the basics of security in browsers (no matter what web browser you use) and also add some cool tips that will give you complete safe browsing experience. This guide is simplified for the Average Joe.
The Security Basics
What is HTTPS?
Well, you can read about it on Wikipedia but I’d like to explain it here in real simple words. What HTTPS actually does is, it secures the communication between the server of the website you’re accessing (that has HTTPS) and the client (which is you using the PC). How does it secure that? Using encryption. Encryption basically just creates a secret new language that only the server and the client can understand. That way no one (even hackers) will know what is passing through the connection.
Not every website can get a HTTPS/SSL certificate. Each and every content gets analyzed first. And, necessary security checks are done. Also, a security check is done by all the browsers. Some websites try to create HTTPS connection that has a mixture of encrypted and unencrypted content. That is why you get such errors as below.
Types Of Attacks
This is a type of attack make use of a button on a website. A malicious code is inserted in button-click and when the user clicks on the button the code gets executed. It doesn’t matter that you got your desired stuff on that button click but it might have also inserted some other undesired entities. Well, most browsers prevent such attacks. But, you need to be cautious before you click a button on an untrusted website (Especially download links and torrents).
2. XSS (Cross Site Scripting):
3. CSRF (Cross Site Request Forgery):
Let me just directly tell you the example. You’re on a shopping website and bought something. And, malicious code is already on your system (that might have entered by the above two methods). So, this malicious code will run a process in the background that will grab the specific URL from the browser through which the product was bought. It will manipulate the URL to do something malicious and request the website to run it. And, the website will run it because the website knows it’s the user logged in requesting to process the URL. But, it’s actually the code that’s running in the background requesting for it.
Let Common Sense Prevail
Just start using a Password Manager if you aren’t already. It will make you web browsing much safer.
Anti-Malware + Antivirus
First off, if you don’t know what is the difference between Virus and Malware then read this explainer. Or else, here’s quick overview:
Computer Virus: The name itself explains it. It spreads its infection to others. One infected file (virus itself with malicious code) will infect other files and those files will, in turn, affect other files. Thus, spreading the malicious code
Malware: This is a software program that performs actions on behalf of you without you knowing it. Also, Malware can be categorized into Spyware and Adware. They both belong in the category of Malware.
So, why use Anti-Malware with an Antivirus?
This is one of the best things I’ve learned to keep my PC secure. This will surely keep your PC away from Viruses and Malware. What you have to do is just use your favorite Antivirus (I rely on Windows Defender. And, I never regretted). Along with that use an Anti-Malware (I use MalwareBytes).
This will add two-fold security to your PC. If Windows Defender (or your Antivirus software) misses a virus or malware then the Anti-Malware will surely catch it. So, if anything malicious gets downloaded from your Web browser then it will be surely be terminated by these two. I’ve explained about it deeply on my blog.
How to Find If a Site is NOT Safe?
There are few website out there that can help you find if a website is trustworthy. You can use scnaurl.net or Norton’s Safe Web. You can add the URL of the website or a specific URL like a download link. Also, Google scans each and every URL that is shown in the search results. You can use their technology to check if the website is safe or dangerous. Visit their Transparency Report Diagnostics Page.
You are Your Own Worst Enemy
I had mentioned this earlier that you are yourself are the culprit. You are letting the attacker attack your browser/system. The malicious code won’t even enter your system if you don’t respond to malicious websites. All you have to do is just make sure that what you’re doing is recommend by a trusted source or website. And, of course, you can definitely trust us.