Keeping Your Browser Safe

The first step to protecting yourself is always using the latest version of your browser. It does not matter which browser you use. Cyber attackers are constantly searching for, and finding, programming errors and flaws in browsers. These mistakes (often called vulnerabilities) can be exploited, giving attackers access to, and sometimes even complete control over, your system. The companies that developed the browsers (such as Microsoft, Google, or Apple) release patches to fix these vulnerabilities. By always having the latest version, you ensure your browser has these known issues fixed. To ensure your browser is updated, make sure the auto-update feature is always enabled in your browser and operating system. Some browsers, such as Chrome, automatically update themselves every time you restart the browser.

Plugins and Add-ons

Plugins (sometimes called add-ons) are additional programs you can install in your browser. The problem with these additional programs is they can expose you and your system to greater risk. Each program you add to your browser has its own unique vulnerabilities or weaknesses. Install only the plugins you absolutely need and be sure you download them from well-known, trusted sites.

A website might ask you to install a plugin. Be careful—these can be attempts to fool you to install infected software. When possible, always download and install a plugin from the original vendor's site. For example, always download or update your Flash player from the Adobe site. Once you have installed a plugin, you have to ensure that you keep it updated, just like your browser. This can be challenging as many plugins do not have automatic updating capabilities; you have to manually check and update them yourself. In that case, we recommend that you check the status of your browser plugins at least once a month. In the resources section, there are several trusted websites that will help you do this.

Browser Security Features

Each browser has its own unique security features. Be sure to take a moment and review your browser's security preferences or options. A key feature that almost all browser support is warning you when you visit potentially malicious websites. Your browser maintains an updated list of thousands of known websites that are malicious or attempt to harm people. If you attempt to visit any of these known malicious websites, your browser will stop you and present a warning banner. When you get a warning banner, do not proceed to the website. Keep in mind, you always have to be careful about the websites you visit, your browser cannot keep up with cybercriminals; it will not know all websites that are malicious.

Browser Privacy

You may not realize it, but your browser may store a great deal of information about your online activities, including cookies, cached pages, and history. Cookies are small data files that websites send to your browser and can make using the website easier, such as storing your preferences. But cookies also allow companies to track your movements across the web. Cached pages are stored copies of websites you have recently visited. They are used to improve your system's performance but also might be accessed by unauthorized users. Many browsers save the history of all the websites you have visited to take you more quickly to the websites you visit the most.

To protect your privacy you can disable some or all of these features. In addition, some browsers support the ability to manually erase any stored data or automatically erase stored data every time you close your browser. Most browsers support a privacy mode where all data collection is turned off, including cache, cookies, and history. This ensures no information is collected about your browsing activities; however, this can also limit your ability to interact with some websites. Check your browser's privacy settings to change any of these features.

Whenever possible, make sure your browser connections are encrypted. This helps ensure your online activity cannot be monitored or captured. Encrypted connections are often called HTTPS. For example, sites such as Twitter, Facebook, and Google allow you to set your personal settings to ensure you are always using HTTPS (encryption) when communicating with these websites. In addition, whenever banking or shopping online, make sure your connections are encrypted. To confirm this, look for https:// in the browser and a lock.