Your organization likely has policies in place to encourage secure web browsing, but ultimately, browsing the Internet securely is the responsibility of the employee. Even careful, well-meaning employees can accidentally land in the wrong corners of the web while searching for information and end up installing malware on their devices. And even seemingly reputable websites may be traps especially if they’ve been hacked by code injection or formjacking.
How does this happen? Hackers are known to target small, legitimate websites that employ weak security measures and manipulate the source code or add malicious plug-ins using backdoors. Some websites are simply evil by design, and are made to look legitimate. In either case, a compromised or unsafe website will attempt to download malware – for example, it might ask the user to update or install a plug-in to play a video that has the information he or she needs. Ransomware is also commonly spread through spoofed websites that are difficult to detect.
Of course, browsers can only warn users about potentially dangerous websites. Without secure web browsing software, which many organizations don’t have, users can still get to dangerous sites. How can you ensure that employees with Internet access know about unsafe websites? This course is a good place to start. This course teaches the basics of safe web browsing and how to:
- Avoid unsafe websites
- Disable pop-up windows
- Determine if a website is safe before using it
- Secure a browser by applying generally accepted security settings
- Employ other best practices
Duration: 9 minutes