By Arica Chhay. Risks of web browsing are more significant than many realize. Learn about these risks and minimize them by following these simple but effective tips.
Today, browsing the internet is an essential part of our daily lives. However, with the convenience of browsing comes the potential for security risks. While it is impossible to completely eliminate all risks associated with web browsing, there are steps that users can take to minimize their exposure to these threats. In this article, we’ll focus on three of the most common risks at the moment and provide tips to help users make safer choices when browsing.
1. Minimize browser extensions
Web browser extensions have become a popular way to enhance our browsing experience. They provide a wide range of functions and integrations with other applications, such as Google and Zoom. While most extensions are useful, they have also become a new method for cybercriminals to sneak undesirable code onto your computer. These malicious extensions may appear disguised as useful utilities or carefully named to sound like legitimate software in an attempt to entice you while web browsing. Falling for this trick could potentially give cybercriminals access to your systems.
To protect yourself, and the organization as a whole, you should only download an extension via the browser extension store. Additionally, it is a good idea to review your current extensions and ensure that you understand and use them all. Removing unnecessary extensions can also help reduce the risk of a cyber attack. Your browser likely has recommendations for safely acquiring, managing, and removing unknown extensions, so be sure to follow those guidelines to stay safe while browsing. Remember, staying vigilant and informed is key to protecting your digital security.
When it comes to managing your passwords, you might have heard the advice to use a password manager like LastPass. This is what we recommend. Despite the availability of this important tool, we have noticed that many people are still using the built-in password storage feature of their web browser, which is NOT a safe option and is not a true password manager. The technology behind password managers is significantly different from saving login credentials with built-in browser password managers.
Using built-in browser password managers can put your sensitive information at risk. These password managers do not safely store your passwords and can easily be accessed by attackers with access to your computer. This is not a theoretical threat – it has actually happened to someone at the Lawrence Berkeley National Lab (LBNL). Imagine all of your stored passwords being known to an attacker – it could not only cause issues at work but also create a personal cybersecurity infraction.
The browser password storage feature is convenience-based and not a security-driven feature. Information Technology (IT) team at LBNL strongly recommends turning off the option to save passwords and autofill login information altogether. It might be slightly less convenient to type in your login credentials each time, but this a small price to pay for greater security. If you are looking for a secure and safe way to manage your passwords, consider using a true password manager like LastPass or other recommended options.
- Chrome: Manage passwords in Chrome (see the section on Start or stop saving passwords).
- Firefox: Disable password saving in Firefox.
A dedicated password manager like LastPass supports all major browsers and operating systems but operates as a third-party, independent of the browser.
Keeping your web browser and extensions up to date is essential for online security. Browsers like Chrome and Firefox are designed to automatically update themselves in the background whenever new updates become available. However, if you keep your browser open for extended periods of time, you might miss out on important updates for both your browser and extensions.
These updates often include critical security patches that fix vulnerabilities that could be exploited by hackers. Failing to update your browser and extensions regularly could leave you open to security risks, such as malware infections or phishing attacks. It is important to check for updates regularly and close and reopen your browser if there are pending updates.
To make sure that your browser and extensions are up to date, you can manually check for updates in your browser’s settings menu. It is also a good idea to enable automatic updates and to regularly close and reopen your browser to ensure that any pending updates are installed. By staying on top of updates, you can help protect yourself and your sensitive information from online threats.
- Chrome: Check for updates to Chrome.
- Firefox: Update Firefox to the latest release. Restart the browser to complete the process.
About the Author
IT Communications Specialist
Lawrence Berkeley National Laboratory
Learn more about the IT Division at Berkeley Lab (Lawrence Berkeley National Laboratory) by visiting it.lbl.gov.
Cover photo caption: Browsing the web is essential to today’s work but can expose you to unknown risks. We selected this image because it shows the type of environment where an attach can occur, unknowingly.