AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
How to identify unsafe websites
1. How to Identify and Protect Yourself from an Unsafe Website
With more people storing personal information on their computers, it has never been more
important to protect yourself from internet predators looking to gain access to your files. One
of the many ways they can do this is by attacking your computer or trying to gather your
information from an infected or malicious website you may visit, even if only once. The best
thing you can do is to avoid malicious websites altogether.
Here are the most prevalent tell-tale signs of a threatening website and some ways that you
can protect yourself:
Never click on a link embedded in an email. Even if sent from someone
you trust, always type the link into your browser
Use your common sense. Does a website look strange to you? Is it
asking for sensitive personal information? If it looks unsafe, don’t take the
risk.
Look for signs of legitimacy. Does the website list contact
information or some signs of a real-world presence. If doubtful, contact
them by phone or email to establish their legitimacy.
Read the URL carefully. If this is a website you frequent, is the URL
spelled correctly? Often times, phishers will set up websites almost
identical to the spelling of the site you are trying to visit. An accidental
mistype may lead you to a fraudulent version of the site.
If it looks too good to be true, it probably is. Is the website offering
you a product or service at an unheard of price? Or maybe they are
promising you a huge return on investment? If the offer looks too good to
be true, trust your instincts. Do some research to find reviews or warnings
from other users.
Check the properties of any links. Right-clicking a hyperlink and
selecting “Properties” will reveal the true destination of the link. Does it
look different from what it claimed to lead you to?
You should also always be on the lookout for the clues and telltale hints that you are on a
malicious website. After all, it is by smart people noticing something wrong and reporting it
that the above tools can do their job.
2. Things to look for in a secure website
When visiting a website that asks for sensitive information such as credit card numbers or
your social security number, the first step you can take to securing your privacy is creating a
strong password (link to infosec site). Equally important is verifying that any information you
enter on this site is transmitted and stored properly. Once your information is entered online, it
is transmitted as plain text for anyone to intercept. To avoid this, make sure that the website is
encrypted over a secure connection.
•HTTPS
One such sign to look for is in the URL of the website. A secure website’s URL should begin
with “https” rather than “http”. The “s” at the end of “http” stands for secure and is using an
SSL (Secure Sockets Layer) connection. Your information will be encrypted before being sent
to a server.
•THE LOCK ICON
Another sign to look for is the “Lock” icon that is displayed somewhere in the window of your
web browser. Different browsers may position the lock in different places, but a few examples
of what it may look like can be found here:
Google Chrome
Clicking on the Lock icon will give you detailed information on the security status of this website
Mozilla Firefox
3. With Firefox, the Lock icon may not be displayed directly. Clicking on the site's icon next to the URL should reveal the Lock icon and the secure
verification
Internet Explorer
Clicking on the Lock icon will give you detailed information on the security status of this website
Protect Yourself
Utilize your internet browser’s security tools
Be sure to install the most current version of your web browser. Most browsers have
sophisticated filters that can identify and warn you of potential security threats. For information
on browser-specific security tools, explore their security features here:
Internet Explorer
Mozilla Firefox
Google Chrome
Make sure that the proper online protection tools are enabled for your Anti-Virus Software
McAfee’s SiteAdvisor
Norton’s Safe Search
4. You may also want to consider downloading an add-on for you browser that is specially
designed to identify any unsafe elements of a website
Web of Trust
AVG Link Scanner
Take advantage of your search engine’s security features
Google has a secure version of its search engine. Simply visit https://google.com when
conducting any Google search. You can read more about that here.
In your Google settings, turn on the “always use HTTPS” function through the following steps:
To disable or re-enable this feature in Gmail:
1.Sign in to Gmail.
2.Click the gear icon in the upper-right corner, and select Mail settings.
3.In the General tab, set ‘Browser Connection’ to ‘Always use https’ or ‘Don’t always use https.’
If you’ve never changed the setting before, no radio buttons will be selected, even though the default is indeed ‘Always use
https’.
4.Click Save Changes.
5.Manually change the URL to http://mail.google.com to start accessing Gmail via http.