When
sending confidential information over the Internet such as usernames,
passwords, or credit card numbers only send it securely. To verify this
look for a small lock (
) in the bottom right corner of your browser window or next to the address bar (as shown below). If visible, this lock should also be in the locked position and not unlocked.
Internet Explorer 7 secure address bar
We also suggest making sure the URL begins with https as shown above.
While the lock is in the lock position, data is encrypted,
which helps anyone from understanding the data if it's intercepted.
When no lock is visible or in the unlocked position all information is plaintext and if intercepted could be read. If a web page
is not secure, such as an online forum, use a password you wouldn't use
with protected sites such as your online banking website.
E-mail is not encrypted
Websites should not transmit confidential data over e-mail, such as passwords, credit card information, etc. E-mail is not encrypted and if intercepted by a third-party could be read.
Be aware of phishing scams
Familiarized yourself with phishing scams and techniques,
which are used to trick you into divulging your account information.
Online banking sites, Paypal, eBay, Amazon, and other popular sites that
require logins are popular targets.
Use a safe password
Websites that store confidential data, such as an online bank site need to use strong passwords.
Also, it is highly recommended that you use a different password for
each website that requires a login. If you need help remembering your
passwords consider using a password manager.
Use caution when accepting or agreeing to prompts
When prompted to install any program or add-on make
sure to read and understand the agreement before clicking on the Ok
button. If you do not understand the agreement or feel it is not
necessary to install the program cancel or close the window.
Additionally, when installing any program watch for any check box
that asks if it's ok to install a third-party program, toolbar, etc.
These are never required and often cause more issues than good. Leave
these boxes unchecked.
Be cautious where you're logging in from
Business
Your place of
work can install key loggers or use other methods of monitoring the
computer while online. Someone who has access to this information could
read these logs and gather usernames and passwords. Also, do not store
any passwords in your browser if your computer is shared with other
coworkers.
Wireless network
When
on a wireless network realize that all information being sent to and
from your computer can be intercepted and read by someone nearby.
Prevent this from happening by only logging into a secure network using WEP or WPA. If this is a home wireless network, make sure it is secure.
Friends house
Be
concerned when logging into an account from a friends computer. A
computer or network you are not familiar with could intentionally or
unintentionally log usernames and passwords. Finally, when logging into
any site on a friends computer never save the password information on
their browser.
Be aware of those around you
While at work, school, library, or anywhere that has people around who could look at the monitor be cautious of anyone shoulder surfing. Someone could watch you type in your password, which would give them access to your account.
If you need everything displayed on the screen to remain private, consider a privacy filter for the display.
Update Internet browser plugins
Often many attackers find security vulnerabilities through browser plugins such as Adobe Flash. Make sure all installed Internet plug-ins are up-to-date.
Secure saved passwords
Make sure to store passwords and login information in a
secure area. Never write login information on a sticky note or in a
text file that is not encrypted.
To save your passwords we recommend using a password manager, which stores all login information and securely encrypts and password protects that information.
When
saving password information in a browser, it may be visible by anyone
who has access to your Internet browser. For example, without a master
password setup in Firefox anyone can see all stored passwords.
Use a third-party service to confirm the safety and security of a page
We recommend the free Web of Trust (WOT) tool to verify the safety of all websites on the Internet.