URL’s are long and complicated, which is why it’s easy for cybercriminals to hide behind them. No one goes and looks at the URL of every page they visit. Besides the websites name and page name they’re often riddled with numbers and symbols. Because of this it’s easy for us not to notice when a URL has been edited slightly with just a spelling mistake in the domain name to tip us off that this might be a scam.
Phishing is a huge issue that has the potential of infecting not only you but also the people around you. And without the knowledge that that is a potential threat many people fall victim to it thinking that they are on a legitimate website. Because the changes are often typos in the main domain, misleading subdomains or domains with hyphens It can be difficult to catch these phony links at first glance.
Google is trying to protect its users from these phishing attacks by only showing domains instead of the full URL in the hopes that it will make fake websites clearer to users. This feature will be coming out with the release of chrome 86 to a select group to see if it will benefit users against these attacks.
While this is still just an experiment at this point but if it works out could be a great benefit for users in the future. Currently Safari on mobile versions displays only the domain name and will let you know when a website does not have an SSL certificate by saying “Not secure--(insert domain name.)”
This is a great way to make people more aware of the website they are on and be conscious that making purchases or sharing sensitive information on a website like this comes with risks. These small details that have been implemented into browsers are a great asset not only to those not informed about cyber security but also to those who are. Bringing more attention to the web address bar and conditioning people to make sure they are on secure sites and eventually so they can look over the domain to make sure everything looks right.
Tools like these are a great way to help get people to not only gain interest in cyber safety but also pay more attention to safety when browsing online. But the main thing that will keep them safe is being informed on the different kinds of cyber-attacks as well as how to avoid them and keep your devices protected.
The most common ways that businesses and individuals neglect security is by having weak passwords they’ve used for other things. And not keeping their devices up to date with the latest software update which leaves them vulnerable to attacks due to the security holes in the old software. Security should be the priority when doing anything online because one simple mistake can compromise not only your information but spread to all your contacts as well.
Here are a few general rules to follow to help you stay safe:
Don’t share sensitive information like credit cards or social security on a website with no SSL
Don’t click on links even if they are sent by a friend without hovering over the URL first
Don’t send sensitive information like credit cards over text or email
If you get a message from your bank or account saying there is an issue and you need to change your password don’t trust the link sent to you and type out the URL you are familiar with yourself
If you get a strange email asking you to wire money always double check with the person in question by calling them or starting a new email thread
Always enable multifactor authentication on your accounts if you can
Try to use complex passwords or research password alternatives you can use
Do not log into important accounts on devices that are not your own
Do not use public unsecure Wi-Fi to log into important accounts