Fortify your online avatar

At a time when you’re under constant threat from viruses, malware and phishing, these simple precautions can help you browse the Net securely

Shweta Taneja

On receiving an email about a lucrative moneymaking scheme, Sri Kumara registered as a member for free on the website www.legend-mails.com. The idea was simple—get paid to receive emails. To maximize his profits, within a month he upgraded himself to a diamond membership on the site by paying $269 (Rs. 12,110). After the payment, he got no response to his emails. He also never received any of the money promised by the site.

Stay alert: Use different passwords for various online activities. Raajan/Mint

If you think you will never fall for a cyber trap like Kumara, think again. Seventy-six per cent of digital Indians have experienced some form of cyber crime, according to a Norton Cybercrime Report published last month. The world average is 65%.

Though viruses and malware top the list in online crime, such phishing emails are fast catching up. If you haven’t faced a virus threat, a password attack or a genuine-looking phishing email, count yourself lucky. But there is no harm in being prepared. Here are simple tips to browse securely.

Give out information only on secure sites

Any site which asks for your personal information (login ID, password, bank account details, credit card information), be it bank sites, shopping sites or email accounts, should have secure network indicators. First, check if the site has https written before its address. “Most websites are http only. An https site means it’s secure and encrypted,” says Ankit Fadia, an ethical hacker who works with the Union government on cyber crime, is the host of MTV What the Hack and has written 14 books on computer security.

An alternative symbol for a secure site is a small yellow padlock on the bottom left of your browser. Another one is when your URL bar goes green. “These symbols mean that other people in the same network cannot tie up into your communication or conversation. One of these pointers needs to be there before you enter any personal details online,” says Fadia.

“The most common mistake people make online is yielding to greed,” says G. Sivakumar, professor, department of computer science and engineering, IIT Bombay. “Expecting to win prizes, lotteries or receive handsome amounts of money, many users give away valuable personal information and also infect their computers with malware.” There are no free lunches, he stresses. If an email, especially by a stranger, makes an offer which is too good to be true, one should simply delete it.

Stay vigilant on your browser

Tab napping, a phishing scam, targets users who open lots of tabs on their browser at the same time. It replaces an inactive browser tab with a fake page set up specifically to obtain your personal data, such as a bank site. “You won’t even realize that it’s happening,” says Fadia. So if the bank site is open on a particular tab while you are working on another one, when you return to it, double-check before you enter the data. Malicious code can replace the Web page you opened with a fake version that looks virtually identical to the legitimate one. “Always retype a website address and then add your bank account or password to it,” he adds.

Also, almost all browsers support a private browsing mode. Make use of it. “This prevents storage of cookies and other personal information on the computer and makes it less vulnerable,” says Sivakumar.

Always cross-check bank emails with the bank

Especially if it’s asking for your account information or your I-pin. “A bank will never send out an email to ask for your account information,” says Vakul Sharma, a Supreme Court

advocate who has been dealing with cases of cyber crime. If you have any doubts, call up the bank and countercheck to see if they have sent out any emails. As a rule, be as stringent online as you would be in the real world. Would you provide your ATM pin to a person who comes knocking on your door and claims to be from the bank? Treat emails from the bank the same way. “Never input any sensitive information that might help provide access to your bank accounts, even if the link shows a page which appears legitimate,” warns Sharma.

Be alert when shopping online

Online shopping is one place where having multiple identities is recommended. “Use different IDs/email

addresses and passwords for various online activities,” suggests Sivakumar. Have a credit card meant only for online transactions. It should have a small credit limit so that in case someone else uses it, your losses are not too high.

Stick to a reputed website for shopping and use the virtual keyboard to enter details wherever you have the option. “Criminals use key loggers to record your passwords so a virtual keyboard is another level of protection,” says Fadia.

Opt for a secure password

“The most common reason for identity theft online is an easy-to-crack password,” says Sivakumar. According to him, a good password is a mix of uppercase and lowercase letters, numbers and one or more symbols such as !, @, # and ,.

Read the complete story here.