Safe Web Browsing (Without TOC)

Slide 1

This security awareness training covers web safety, especially the safe use of web browsers and websites.

Using the web requires you to connect to someone else’s computer and exchange information. Sometimes this is as simple as requesting information on a word you type. And you would expect the result you see to come from a reliable source. However, hackers take advantage of the way we think the web works in several ways.

Slide 2

First, hackers try to steal the passwords, credit card numbers and other confidential information we send to other computers. Second, hackers try to steal account information, medical histories or other confidential information other computers send us. Third, hackers try to redirect us to their computers so they can ask for specific information. And finally, hackers try to get us to install malware that would let them take control of our technology.

Fortunately, there are some common and effective defenses against these attacks, each of which will be explained in the next few minutes.

Slide 3

One of the most effective ways hackers have of hijacking computers is to get people to install their malware. Often this malware comes through fake updates, plug-ins and installations presented to people as they browse the web. This example is from a site that serves pirated videos. It tells people that they need to install and download a “flash player update” which is, in fact, malware.

Slide 4

Other hazards are encountered while updating otherwise legitimate applications. The most common hazards are web browser toolbars, such as the “Ask” toolbar automatically included in many Oracle Java installations.

Web toolbars and plug-ins have the same access to the information you send and receive as you do.
They can use this access to intercept your requests and forward your browsing information to other people, including advertisers and hackers.
They also often harbor vulnerabilities that hackers can exploit to attack you directly. Safe users never install toolbars, and rarely install plug-ins, in their web browsers.

Slide 5

You’re installing on your new computer. The image shows the installation window. How should you proceed? Click the screen to show your chosen action, then click Submit.

That’s right!

Before proceeding with the installation, you should uncheck the Fantastic Toolbar checkbox.

Click anywhere to continue.

Sorry, but that’s incorrect.

Before proceeding with the installation, you should uncheck the Fantastic Toolbar checkbox.

You must answer the question before continuing.

Slide 6

Many browsers will now also display warnings if you are about to visit a known hacker site.

Some even display warnings if they think you are about to encounter a phishing attack or malware.

These warnings should be heeded, and you should use the “back to safety” button, your browser’s back button, or the “X” on your browser to leave.

However, you still need to watch out for fake warnings, such as this one. You can often tell fake warnings from real warnings because the fake warnings will ask you to install a file, visit a site, call a phone number, or perform another dangerous action. Real warnings will simply take you back to safety.

We just covered two behaviors: avoiding plug-ins or other software, and “clicking back” on browser warnings, you should adopt to browse safely. Next, we will cover three more related concepts that will help you to identify and avoid other unsafe situations.

Slide 7

The first defense we will explore is the use of encrypted transmissions to hide your data. Normal web browsing uses something called HTTP to communicate with other computers. Programmers like HTTP because it is reliable and easy to use, but security experts dislike HTTP because it does not protect data. In other words, anyone who can see your HTTP-based web session can see everything that you send, and everything you receive.

To protect web sessions against prying eyes, we use a security technology called HTTPS, which is literally “HTTP secure.” This technology, also known as “SSL” or “TLS”, does two important things. First, it lets web browsers verify the identity of remote computers. This deters hackers from replacing trusted sites with their own computers. Second, it lets web browsers encrypt communications with trusted computers. This prevents hackers from intercepting the data you send and the data you receive.

Fortunately, your browser provides several clues to help you tell the difference between normal HTTP and encrypted HTTPS sites.

Slide 8

First, there will usually be a picture of a lock in the location or URL field. This example has one to the left of the name of the site.

Second, the browser will often display “https” in front of the location or URL, even if it normally hides the “http” for normal sites.

Browsers will almost always warn you about problems with HTTPS before you exchange any information. In this example, we connected to a site that presented us with a certificate that did not match the name of the site. Since the web browser could not verify the identity of this site, it displayed a warning and then crossed off both the lock and the HTTPS tag in the location. This type of warning keeps you safe from sites that hackers may have hijacked, and should only be ignored under the direct advice of your local IT department.

While the red X and green lock mechanisms web browsers use are good defenses, they are not perfect. Sophisticated hackers will often take the time and expense to set up HTTPS-encrypted servers that look legitimate to most web browsers. Look carefully at these four legitimate-looking browser locations. Only one is safe. Can you tell the difference?

It turns out that only one of these URLs is safe, even though all four display a green lock and “HTTPS.” To tell the difference between the safe and unsafe sites, it is still necessary to subject the URL to further examination, even when the browser reports that the HTTPS connection is OK.

There are several types of bad hostnames you may encounter when browsing the web. First, watch out for URLs that contain numbers. These numbers may make up the entire hostname, appear embedded in the hostname, or just replace certain letters in the hostname.

Slide 9

Second, watch out for hostnames that contain spelling mistakes, including misspelled words, words with extra letters, and words with missing letters.

The very last part of a hostname is called the “top level domain.” This is often a value like “com”. Unusual values are dangerous because they can send you to a hacker’s version of the real site in another country or at least another computer. So the third type of hostname to watch out for are those with extra or strange characters at the end of the hostname.

Slide 10

Which of the following host names are probably unsafe? Select all that apply and click submit.

That’s right!

The hostnames which have misspellings, numbers, or strange endings are probably unsafe.

Click anywhere to continue.

Sorry, but that’s incorrect.

The hostnames which have misspellings, numbers, or strange endings are probably unsafe.

You must answer the question before continuing.

Slide 11

Examining the hostname in your browser’s location field can help after we have accessed a suspicious site, but it can also be used to identify suspicious sites before we access them. To understand how this is done, we first need to understand the links we see in our web browsers. Every link has two parts.

1) First, there is the part of the link you see. This part tells you where the link is supposed to go.
2) Then there is the part of the link you don’t see. This is the actual address, or URL, that controls where the link will actually go.
Hackers often exploit the difference between the two to get people to open their sites.

The second part of the link, the URL, is what needs to be inspected before it gets clicked. Fortunately, your web browser makes it easy to see this information on most web sites. When you place your mouse over a link, your browser will either pop up a window or write the URL of the link into the outer frame of your web browser. If you examine this location before you click it, your chances of being hacked decrease dramatically.

Slide 12

Read the following email and decide whether or not it is safe to click the link.

That’s right!

You should NOT click on this link, as it leads to a suspicious URL. You can tell where the link leads by hovering over it.

Sorry, but that’s incorrect.

You should NOT click on this link, as it leads to a suspicious URL. You can tell where the link leads by hovering over it.

Slide 13

The five behaviors we just covered will keep you safe as you browse the web.

Please review these takeaways and then click “continue” to complete the module.