This is an article by regular columnist Clark. Although perhaps a bit off topic, it’s very relevant to readers.
With the use of the Internet for many tasks these days, a primer on securing your web experience would not be out of place. Please note that this article deals only with web browsing security and if your computer is already a hub of malware (short for malicious software) like trojans, worms, viruses, etc., then the system is compromised, no matter your measures to secure the web experience. If you suspect that your system may be infected with malware, use one of the free antivirus tools given below to scan and remove them.
Any antivirus application is useful only when it stays updated. The above tools have automatic update features included; just ensure that they are turned on, so that they get updated on a daily basis. It is prudent to schedule periodic automatic scans of your system to utilize those automatic updates.
Web Browsing Security
Any bank, discount broker, insurance, shopping or email account website that you access must use atleast a 128-bit Secure Socket Layer (SSL) protocol (it is the predecessor to Transport Layer Security) for transmitting data over a network. SSL has a two-fold benefit:
- It verifies the authenticity of the website to which you are connected and
- It protects your personal information (name, address, credit card details, SIN, username, password, etc.) by encrypting them and providing a secure end-to-end transit medium. It can only be decrypted by the receiver, which would be your intended target website.
A screenshot of the Gmail login page when using Internet Explorer 8 is shown below with key points highlighted.
If the website you are connected to starts with https:// but missing the padlock symbol, then it indicates that the website connection is only partially encrypted. It could mean that the transit data is encrypted but the identity of the website owner cannot be verified. So, if the owner of the website is unknown, then how could one trust that the data they receive and decrypt is not being misused? SSL certificates issued by third-party Certificate Authorities establish authenticity.
Most of the websites that use your personal details for providing their service will have this SSL protocol enabled. While many bigger companies like Amazon and eBay are no slackers when it comes to data security, certain smaller online shopping providers do not offer the required security. It could be due to a lack of awareness by the system administrator or negligence to data protection. An astute consumer will pay attention while browsing and logging into websites – it is your data (identity) and money (credit history) after all!
Some tips worth remembering…
- Keep your computer(s) and browser(s) updated.
- Bookmark the websites that you visit regularly – especially ones that utilize your personal information (banks, utility companies, shopping sites, brokerage accounts and others that you can think of!). Do not click on links in emails (not just phishing ones but even from legitimate sources, if you can identify them) and use your bookmarks (favorites) to check the site.
- Always keep an eye to check if websites requiring logins are fully encrypted; the missing padlock symbol is a giveaway that the SSL has holes.
- If you are buying from a relatively unknown shopping website, look out for the encryption criteria mentioned above. If you suspect a problem, conduct an Internet search to see if others have reported similar issues and decide if you still want to buy from that site.
- If PayPal is not accepted, buy prepaid credit cards to use on questionable sites (though I wouldn’t recommend giving your business to a company that does not use the necessary encryption). This way, the liability is limited to the value of the card ($25, $50, etc.) in case your credit card details are misused by the company or stolen during transit.
- Avoid doing important transactions (including checking account balances) on unsecured WiFi networks (coffee shops, airports, etc.). There are workarounds such as using a virtual private network but they are beyond the scope of this article.
And, please upgrade from Internet Explorer 6 to version 8, if you are still using it!
Have you got any other tips to share for securing the user’s browsing experience and preventing online identity theft?
About the Author: Clark is a twenty-something Saskatchewan resident employed in the manufacturing sector. He repaid around $20,000 in student loans and has been working to build his investment portfolio as a DIY investor (not trader) while nurturing plans to retire early. He loves reading (and using the lessons learned) about personal finance, technology and minimalism.If you would like to read more articles like this, you can sign up for my free weekly money tips newsletter below (we will never spam you).