Secure Web Browsing
Whether you are a teen that’s never known a world without the internet or a senior parent that’s learning the ropes online, Secure Web browsing is a must to keep your family protected from viruses, malware, and more. The internet is full of malware, spyware, and spam and your browser is a gateway to all these threats. There are several malicious sites that can compromise your data and obtain sensitive information, so strict security setting for your browser is a must.
With the advent of cloud computing, online shopping, social networking, and several other online services, a lot of important information and data is shared over the internet directly through your web browser. Add to that the plethora of plug-ins and add-ons for a various browser that can be installed, which can, in some cases, gives hackers access to your local data, and it becomes clear that it is essential to have the correct security setting for your browser.
There is also an increasing threat of attacks on web browsers from installed software, where new software vulnerabilities are exploited to attack browsers through malicious websites. These problems generally occur when unsuspecting users click on links or navigate to Web pages that contain malicious content. Sometimes, certain security settings also require blocking functions or features of a browser that are intended to enhance the browsing experience and many websites also suggest that certain features enabled for optimal viewing. In such cases, a uniformed user might unknowingly choose functionality over security.
WHAT IS THE THREAT?
Attackers are vulnerabilities in your software to infect your system and attack web browser vulnerabilities. This is a low-cost way of doing it. Attacking browsers is quick and easy as attackers do not need to target specific users; rather, they develop malicious websites that infect or compromise systems that have weak browser security settings.
Alternatively, malicious e-mails with infected attachments are also an easy way to attack systems through browsers. A Web browser with decreased or no security can lead to a variety of attacks, including access to financial accounts, saved passwords, local data and user details, viral infection, and installation of adware and spyware.
HOW IT’S DONE
Phishing is a common method of identity theft, money laundering, and viral infection. The targeted user would generally get an e-mail that mimics official bank, credit card company or other business communication, requesting the user to provide private and sensitive information, such as account numbers, passwords or even payments. The e-mail contains a link to a malicious website, where the users are requested to enter their credentials and details. These websites are made to look as authentic and as secure as possible to convince the user to trust it and submit the sensitive information.
A similar variant to phishing is tabnapping, which has gained popularity since the advent of tabbed browsing in all popular browsers. Users generally have the tendency to open multiple tabs in one browser window, and sometimes a tab is left idle for a prolonged period of time. With tabnapping, users navigate to what seems to be a legitimate site in a browser tab, but when a new tab is opened, the tabnapping program kicks in and the hidden tab redirects to a similar looking malicious site.
Another common way of compromising browsers is via cookies. Cookies are packets of data sent by a server to a user’s browser, which are then saved either temporarily or permanently by the browser onto the user’s local drive. Whenever the user accesses the same server again, the cookies are used for automatically logging in to the user’s account. Although cookies are small text files that will not harm your data, they can compromise your identity or confidentiality when certain sites send unauthorized cookies to your system. They can also be used to track a user, thereby compromising your anonymity.
Apart from unauthorized cookies, attackers can also use packet sniffers to find cookies being transferred between users and servers on the same network and steal other users’ cookie information to mimic their identity or even hack into their accounts. Similarly, attackers can also send scripts to browsers that make the browser send cookies to unauthorized servers along with the intended recipient server.
HOW TO PREVENT THREAT?
There are a few general rules to follow and steps to take in order to prevent a security breach, no matter what browser you are using. Browsers are constantly being updated to fix loopholes and block new bugs, so it is essential to update your browser regularly.
Along with this, most browsers also display a warning when they suspect a site of containing malicious content or being insecure. While these warnings can be false in certain cases, more often than not, it is better to heed the warning and avoid navigating to the site unless you are completely sure it is safe. Another simple rule is to avoid clicking on suspicious ads or links and avoid opening e-mails from unknown senders.
As far as the security settings for specific browsers are concerned, we will look at the most popular browsers; Internet Explorer, Firefox, Chrome, and Safari.
The Trusted Sites zone contains a list of sites that you consider to be safe to visit. Click on the Sites button to open a window where you can add or remove trusted sites. If your Internet zone security level is set to high, some sites that you wish to visit might not function properly, adding them to the trusted sites list will ensure that features like ActiveX and scripting are enabled for these sites.
To manage your cookies and extensions, move to the Privacy tab. Set the Privacy setting to High and then click on the Advanced button. In the Advanced Privacy Settings window, check the Override automatic cookie handling checkbox. Also, select Prompt for First-party and Third-party cookies. This way, you will get a notification every time a site tries to send cookies to your system. You can also check the Always allow session cookies option as session cookies are deleted each time the browser is closed and are therefore less dangerous.
To reduce the number of cookies notifications from frequently visited sites, you can select the Sites button and add sites for which you wish to always allow or block cookies.
To change the security settings for Firefox, go to Tools | Options. In the Main tab, enable Always ask me where to save files so that you are always aware when a site is trying to save a file to your system.
Click on the Privacy tab to modify the cookies settings. In the History section, uncheck the box for Remember what I enter in forms to prevent the browser from saving your personal details. In the Cookies sections, check the box for Accept cookies from sites and select Ask me every time in the dropdown menu. This gives you control of the cookies that are sent to your system.
Under the Security tab, check the box for Warn me when sites try to install add-ons so that you can keep track of the sites and the type of addons being installed. Also, if you wish for Firefox to remember your passwords, then it is advisable to enable the Use a master password function, which encrypts all your login details.
To view the Security settings in Chrome, click the Customize and Control Google Chrome button (spanner). Then click Options and select the Under the Hood menu.
Here you can change the privacy settings and manage downloaded files. In the Privacy section, check the Enable phishing and malware protection, and in the Downloads section, check the box for Ask where to save each file before downloading to track all the files downloaded to your system.
In the Privacy section, click the Content settings button to modify the cookies, scripts and plug-ins settings. In the Cookies section, select Block sites from setting any data to block all cookies. Click the Manage exceptions button to add or remove sites for which cookies should be accepted.
In the Plug-ins section, you can either select Block all or you can select Disable individual plugins to block certain unwanted plug-ins. In the Popups section, block all pop-ups, and in the Location section, select Do not allow any site to track my physical location for browser anonymity.
The first thing to do in Safari is to click the Safari button and then check Block Pop-up windows. Then click the Preferences option, and in the General tab, select a target folder to save downloaded files and uncheck the option to Open “Safe” files after downloading
TEST YOUR SECURITY
There are some websites that can help ensure that your browser settings are optimized for security and are safe from malware.
- ‘Qualys BrowserCheck’ – BrowserCheck scans your browser’s security settings by installing a plug-in to check for data encryption, browser extensions, and add-ons. The service gives you a clear analysis of all your security settings, as well as version history and any available updates. You also get the option to fix insecure extensions or outdated versions directly through the results page.
- ‘Panopticlick’ – This service takes a different view at browser security. There are many ways in which sites can track you and one of those ways is the uniqueness of your browser fingerprint. Panopticlick determines how many bits of “identifying information” your browser sends out and how they contribute to your unique fingerprint. The higher your bit count, the easier it is to track you. Characteristics that contribute to your browser fingerprint include plug-in details, time-zone, resolution, fonts, and cookies.
- PC Flank – The PC Flank site provides services to test the overall security of your computer, including stealth tests, viral infection tests and browser tests. The browser test determines if your system is giving away personal information, your location, or your ISP, and also gives you specific recommendations based on the test results.
- Browserscope – Browserscope gives you a comprehensive comparison of every aspect of all the top browsers. Apart from comparing the test results for different browsers, you can also use the site to test your browser with its specific settings for different features, including security. The personal browser security check gives you an analysis of test results for various APIs, cross-site scripting, privacy settings, and security settings, giving your browser a final score out of 17. You can even compare your result with results for other browsers.
- Browser SPY.dk – Browser SPY is a site that gives you a plethora of tests to check the settings of every function your browser has to offer. The service tests the settings, extensions, and plug-ins to determine how much personal information your browser is dispatching along with a range of 64 tests to keep every vulnerable function in check.
Final Thoughts on Safe Browsing Tips
So, These were the Secure Web Browsing Tips For 2019 to make you Stay Safe while surfing the Internet. Don’t be prey for attackers & scammers online. Be a step ahead. Let us know your thoughts in the comment below