Your internet browsers, such as Firefox, Chrome, or Safari, are one of the primary tools you use to interact with the internet. Cyber attackers know this, which makes your browser one of their primary targets. Also, your browser may collect a great deal of personal information about you that you may not be aware of. The following are resources to help you safely browse the web.
Keeping Your Browser Safe
The first step to protecting yourself is always using the latest browser version. It does not matter which browser you use. Cyber attackers constantly search for and find programming errors and flaws in browsers. These mistakes (often called vulnerabilities) can be exploited, giving attackers access to, and sometimes even complete control over, your system. The companies that developed the browsers (i.e., Microsoft, Google, or Apple) release patches to fix these vulnerabilities. Always having the latest version ensures your browser has these known issues fixed. Enable the auto-update feature in your browser and operating system to ensure your browser is updated. Some browsers, such as Chrome, automatically update themselves every time you restart the browser.
Plugins and Add-ons
Plugins (sometimes called add-ons) are additional programs you can install in your browser. The problem with these additional programs is they can expose you and your system to greater risk. Each program you add to your browser has unique vulnerabilities or weaknesses. Install only the plugins you need, and download them from well-known, trusted sites.
A website might ask you to install a plugin. Be careful—these can be attempts to fool you into installing infected software. When possible, always download and install a plugin from the original vendor's site. For example, always download or update your Flash player from the Adobe site. Once you have installed a plugin, you have to ensure that you keep it updated, just like your browser. This can be challenging as many plugins do not have automatic updating capabilities; you have to manually check and update them yourself. In that case, we recommend that you check the status of your browser plugins at least once a month. In the resources section, there are several trusted websites that will help you do this.
Browser Security Features
Each browser has unique security features. Be sure to review your browser's security preferences or options. Almost all browsers support a key feature that warns you when you visit potentially malicious websites. Your browser maintains an updated list of thousands of known websites that are malicious or attempt to harm people. If you attempt to visit any of these known malicious websites, your browser will stop you and present a warning banner. When you get a warning banner, do not proceed to the website. Keep in mind you always have to be careful about the websites you visit; your browser cannot keep up with cybercriminals; it will not know all websites that are malicious.
Browser Privacy
You may not realize it, but your browser may store a great deal of information about your online activities, including cookies, cached pages, and history. Cookies are small data files that websites send to your browser and can make using the website more accessible, such as storing your preferences. But cookies also allow companies to track your movements across the web. Cached pages are stored copies of websites you have recently visited. They are used to improve your system's performance but also might be accessed by unauthorized users. Many browsers save the history of all the websites you have visited to take you more quickly to the websites you visit the most.
To protect your privacy, you can disable some or all of these features. In addition, some browsers support the ability to manually erase any stored data or automatically erase stored data every time you close your browser. Most browsers support a privacy mode where all data collection is turned off, including cache, cookies, and history. This ensures no information is collected about your browsing activities; however, this can also limit your ability to interact with some websites. Check your browser's privacy settings to change any of these features.
Whenever possible, make sure your browser connections are encrypted. This helps ensure your online activity cannot be monitored or captured. Encrypted connections are often called HTTPS. For example, sites such as Twitter, Facebook, and Google allow you to set your personal settings to ensure you are always using HTTPS (encryption) when communicating with these websites. In addition, whenever banking or shopping online, make sure your connections are encrypted. To confirm this, look for https:// in the browser and a lock.
Additional Resources
- Browser Plugin Check: browsercheck.qualys.com
- Firefox Plugin Check: mozilla.org/en-US/plugincheck
- Chrome Browser Security: Chrome Privacy Settings
- Safari Browser Security: Safari Browser Security