Safe Browsing Tips
The Internet can be a risky place. There are plenty of crooks online looking to scam you, lots of websites that look safe but steal your information, and many applications that contain malware that will infect your device. Estimates are that 56 percent of global email is spam, 40 percent of web activity is fake, and 21 percent of apps for phones are malicious. This theme area of the Cybersecurity Awareness campaign is about tips to protect yourself online.
It is easier to stay safe online if you follow some behaviours that will help protect you.
Before you start browsing:
- Make sure you’ve done appropriate Computer Care.
- Connect to the University’s GlobalProtect VPN. Avoid connecting to public Wi-Fi without connecting to the VPN.
- Choose one browser for work, one for personal use (ex: banking) and one for play. Browser options include Chrome, Edge, Firefox, Opera or Safari.
While you’re browsing:
- Avoid visiting questionable or potentially unsafe websites. Examine links carefully before clicking on them – particularly links in email. You can verify URLs by copy and pasting the URL into the Google or Bing search box instead of clicking the link.
- Download software using app stores or from the vendor’s website. Be wary of free or evaluation software. Avoid downloading files from untrusted file sharing sites. They may contain spyware or malware.
- Make online purchases only from well-known online stores. Ensure that the connection is secure by checking the address bar for warnings such as a the words "Not Secure" or a padlock with a line across it. Do not login or make purchases from insecure sites.
- Log out from websites when you are done using them.
Care for your information:
- Use good Password Care, including strong passwords and do not repeat passwords used on very sensitive sites with others. Use a recommended password manager to help manage passwords if possible. Do not save passwords for sensitive sites in the browser.
- Use a different email account for personal computing. Do not use your work email account for personal activity, such as government, banking, online shopping or social media.
- Limit sharing of personal and professional information online (e.g. address, phone numbers, work status, etc.). Do not use work email address on non-work-related sites.
- Be wary of posting anything online (including sharing sensitive information and/or images). It is impossible to remove a message once it has been posted. Deleting the original post does not remove all copies of it from the Internet.
Take extra precautions:
- Turn off ‘automatic connection’ to public Wi-Fi networks to ensure devices don’t connect to them without your knowledge. Your device will try to use any wireless network it knows, so it may connect to less-trusted networks without your knowledge.
- Consider using two personal email accounts, one for sensitive information like government and banking, and another for social media, newsletters, Deals-of-the-Day, etc.
- Keep one browser with higher security settings and use it when browsing questionable sites or connected through public Wi-Fi.
- Dedicate a credit card just for online shopping. Since the bill for that card will only include online purchases, it is easier to spot suspicious charges. And if the card is compromised, it is simpler to replace.
Watch for the Warnings
It is becoming standard practice for all reputable sites to use secure connections all the time. All the major social networks (Facebook, Snapchat, etc), shopping sites (Amazon, eBay), search engines (Google, Bing), and news (CBC, Huffington Post, CNN) use secure connections. If you don’t see the lock or your browser tells you the page is “Not secure” then you should think twice about using that website.
When browsing the web, your web browser will provide indication if the website that you are browsing to is insecure. Newer browsers warn you when a website is Not Secure. This means that an absence of warnings means that you are on a safe site. Not Secure warnings look similar to these:
Older browser versions take the opposite approach and let you know when a site is secured. This is shown by locks or a notification in the address bar like this:
Encrypt and use VPN
A key to keeping information secure is to encrypt it so that others cannot read it. You can do this by using BitLocker on Windows or FileVault2 on Macs. You can also use a Virtual Private Network (VPN) when using the Internet to make sure people cannot intercept your traffic.
The University provides a free VPN called GlobalProtect for Microsoft Windows and Apple Mac machines. You can find out how to install it in the Knowledge Base at uwindsor.ca/vpn
Patch and reboot regularly
Computers and devices run using computer programs that operate the hardware (operating system) and enable access to services and functionality (software). These computer programs are not perfect, and they contain errors (bugs) that can provide a means for a hacker to gain access to your device or data. These bugs are corrected by software updates, patches and fixes.
- Apply Operating system updates
- Install Software (like web browser) updates
- Accept Mobile app updates
- Enable automatic updates
- Reboot your device regularly
Generally all you need to do is reboot your device and it will update as it restarts.
Wear Your Seatbelt
Antivirus is like putting on your seatbelt when you get in the car. It should be mandatory and automatic.
Antivirus is software used to defend a computer against viruses, trojans and other malicious software. It is essential on Windows PCs and encouraged for Macs, Linux and mobile devices.
The University installs anti-virus on all office PCs and provides free anti-virus from Sophos to all faculty, staff and students for their home machines. You can read how to install it here: uwindsor.ca/antivirus
We're here to help!
IT Services is happy to answer questions about cybersecurity on campus: ext. 4440 or open a ticket for service here: uwindsor.ca/itshelp. More information on cybersecurity issues facing campus: uwindsor.ca/cybersecurity