Internet Use

The Digital Landscape

The internet, vast and boundless, offers a wealth of opportunities and information at our fingertips. However, amidst its riches lie lurking dangers that can compromise our security and privacy. Navigating this digital landscape requires a vigilant and cautious approach. Here are some essential practices to ensure your safety while using the internet

Spotting Fake Websites

In the labyrinth of the internet, fake websites masquerade as legitimate ones, aiming to deceive unsuspecting users. For example, consider a website with a URL like g00gle.com instead of the legitimate google.com or one with an unusual domain extension like google.corn instead of .com. These subtle differences can often be overlooked, leading users into the trap of fraudulent websites. Pay close attention to website URLs, looking out for such irregularities. Ensure the website uses a secure connection by checking for “https://” in the URL and trust indicators such as padlock icons.

Lookalike Website Example

Okay, so before we begin, do not visit this website.

Taking the proper security measures, I went looking around for lookalike websites that might be created with malicious intent, and I think I found one after a while. Luckily, the larger companies are quick to take down these attempts at scamming and tricking you into believing it’s the real deal. So, let’s analyze this quickly.

Okay, let’s start at the top! The first thing to notice is that the padlock icon has a line over it. When we click it, we get this message.

So, we know that the connection to this website is not secure or private. Furthermore, we can see that the URL is quite far from Facebook.com.

So, we see that I misspelt facebook and wrote fcebook instead. and then we see a massive line of text. Let’s break it apart! Safe.sur.ly is the domain name, and out of curiosity, I decided to look up that domain on Virustotal, and it returned no flags from any security vendor. But looking at the details for this website, somethings of. It is registered in Russia, and all of the personal information that needs to be filled in for creating websites are just randomly generated numbers and letters. So, contacting the owners of this website would be hard. Anyway, sidetrack aside. Looking at the rest of the address, it looks like gibberish and doesn’t contain any exciting information except for the last part, “downgradeProtocol=1”. This could be something called a downgrade attack, where the goal is to downgrade the protocol used by the browser, which is used to encrypt and protect you when you are online. By downgrading the protocol to an older version, it opens up the possibility for older attacks that don’t work on the newer versions to now be functional. It is not something you want to see when visiting a website.

Hmmm quite ironic that it says safe at the start of the URL when everything else is giving me another vibe.

Due to the pop-up window, it’s pretty blurry, but we can kind of see the typical Facebook login window in the background. If this is not the real Facebook, who is then getting my login credentials?

This is the original login window. The URL is clean and free of typos, and the padlock looks good. This is better.

So, to summarize the main points to look for

• Look for HTTPS or the padlock icon.
• Look at the URL.
• Is anything out of the ordinary?
• Is the browser warning you about potential threats?

Downloading Files

Downloading files from the Internet can be like traversing a minefield. Exercise caution and only download files from trusted sources. Be wary of file-sharing platforms, such as BitTorrent or peer-to-peer networks, where files are shared among users. These platforms may host malicious software disguised as legitimate files, posing a significant threat to your device’s security. Consider using trusted antivirus software with real-time scanning capabilities to detect and prevent malware infections from downloaded files.

Key Points

Trust your instincts when encountering suspicious websites. If a website appears dubious or offers unrealistic deals, proceed with caution. Avoid clicking on suspicious links or ads, as they may lead to phishing sites or malware-infected pages. Consider using web browser extensions or plugins that offer additional layers of security, such as ad blockers and HTTPSeverywhere, to enhance your protection against malicious websites.

Entering Information Online

Exercise discretion when entering personal or sensitive information online. Be selective about the information you provide and only disclose it on reputable, secure websites. Look for trust indicators such as privacy policies, secure connections, and encryption protocols (Padlock symbol) to ensure your data remains protected during transmission. When in doubt, refrain from sharing unnecessary information and prioritise your privacy and security.

Using Encryption and License Checking

Encryption serves as a shield, protecting your data from prying eyes during transmission. Seek out websites that employ encryption protocols such as SSL/TLS by checking if it is HTTPS to safeguard data exchanged between your device and the website’s server. When downloading software or accessing online services, verify the authenticity and legitimacy of the product by checking for valid licenses or certifications. Avoid pirated or unlicensed software, as they may pose security risks and legal consequences.

Checking Links Before Clicking

Before clicking on a link, please exercise caution and look closely at its destination. Hover your mouse cursor over the link to preview the destination URL. Verify that the URL matches the expected destination and avoid clicking on shortened URLs or unfamiliar links sent via email or messaging platforms.