Safe web browsing

We use the internet for everything - from ordering a coffee on the way to work to online banking and grocery shopping. Having the internet is necessary for some aspects of our lives. It is also where scammers operate, so it’s important to know what potentially unsafe behaviours or requests look like when browsing.

Your web browser will have built-in security features to warn you if something doesn’t look right – if a site is not secure or cannot be authenticated, for instance. These warnings will not stop you from visiting an unsafe site so ultimately, it is up to you to keep an eye out for the signs and act accordingly.

  • Check for HTTPS - always check the security of a website before entering, especially when provided with links in an email
  • Use trusted links or URLs - when downloading anything from a website, check it is secure or use trusted links you have already bookmarked. URLs can be doctored – check them by hovering your mouse over them first. If in doubt do not click.
  • Software updates - keep your software updated regularly to enable security updates
  • Pop-ups – be aware of pop-up prompts to download or install software
  • Free Content – any offers of free content with invitations to download should be treated with caution
  • Bogus Search results – Fake news (clickbait) sites can appear in your search results.
  • Autocomplete and Remember Me – avoid ticking the box for autocomplete of forms or remembering personal results when filling out online forms.
  • Strong passwords – use different passwords across all sites and change them regularly.
  • Shared computers and Wi-Fi – do not conduct sensitive tasks such as financial or banking tasks on shared workstations or across unsecured Wi-Fi.

Download of Applications

Like web browsing, applications are used by everyone. Applications (or Apps) are available to download to all your devices, from mobile phones to desktop computers. There are two categories.

  1. Native Apps - The applications that come with your browser or operating system are called native apps. They can be your photo or storage apps that come with your smartphone or your Microsoft or Mac operating system apps via your browser.
  2. Third-party Apps - the Apps you download that are outside your system are called third-party apps. A third-party app can also be called a web extension when downloaded via your browser. A third-party app will request permissions to manage your data – they may require access to your photos, camera, microphone, or calendar, depending on the app’s purpose.

App Permissions - When you download third-party apps and allow access to your data, it is important to remember that unless you regularly update app permissions or delete apps you no longer use, that permission is granted forever.

The University supports various applications and systems that house research data, intellectual property, and personal/confidential information. So, it is vital that you only use applications approved by IT.

Approved applications have been checked for security and are regularly updated and monitored by the University IT department. Ask for advice if you need to use an application not on the approved list of university apps.

HTTP vs HTTPS

HTTP stands for Hypertext Transfer Protocol, and it is a prescribed order and syntax for transferring data over a network. Most information that is sent over the Internet, including website content and API (Application Programming Interface), uses the HTTP protocol. There are two main kinds of HTTP messages: requests and responses.

A request happens when you type something into a search bar or click on a link. The response is what comes back – the search results.

HTTPS has an extra letter, and the S in HTTPS stands for "secure." HTTPS uses TLS (or SSL) to encrypt HTTP requests and responses. If a cybercriminal monitors your activity, they will see a bunch of seemingly random characters instead of the text.

Your browser will flag a website not using HTTPS as being a security risk. When you see a notice in the URL bar that a website is not secure, they do not have a valid SSL Certificate - think twice before entering.

The Dark Web

You may have heard of the Dark Web. The Dark Web forms a small part of the Deep Web – a part of the web not indexed (or searchable) by search engines. World wide web content exists in darknets - overlay networks that use the Internet but require specific software, configurations, or authorization to access.

As the name suggests, people who use the Dark Web are usually there to conduct illegal activities. It is also used by the intelligence community, whistle-blowers, members of the media, and ordinary citizens whose communication may be monitored or restricted by the government.

Private computer networks communicate and conduct business anonymously in an unregulated environment without sharing identifying information such as location due to utilising multiple layers of encryption.

The University and most organisations suggest refraining from using the Dark Web.

Browse Smart and browse safely

It’s critical to realise that you are in the driver’s seat. Because even with high-security settings and anti-virus software in place, there’s only so much your browser can do to protect you. Though you might be warned about a dangerous site or content, your browser cannot stop you from visiting a risky site or downloading spyware.

You have the power to stay safe online if you take control. Browsing smart = browsing safe.

Back to IT@ND: CyberSecurity