As you study the results of your internet searches:
- Be suspicious. If search results turn up links to free content (Get Photoshop free? I don't think so) or offers that are too good to be true, think twice.
- Be cautious when searching on hot topics. Fake and malicious sites often try to hijack time-sensitive search results.
- Check the web address in the search results. Look for misspellings or other clues that you might be headed to a phony website.
- Pay attention to the order of the results. Google search uses security information as part of its ranking process; in theory, more secure sites will rank higher.
When you select a site from your search results, pay attention to indications that the site is trustworthy:
- Look for the locked lock icon and https:// (for httpsecure) in the browser address bar:
- Look for green text or background in the browser address bar triggered by a more rigorous validation process:
- Look for site seals and trust badges in the body of the site:
- Avoid sites with "risk indicators" such as warning popups and ads.
Slow down and pay attention to what is on your screen.
Email scams are especially common during high shopping seasons (like holidays or back-to-school season). Be mindful of:
- Spoofed and forged invoice and shipping notifications.
- Malicious holiday greetings with links to cards, videos, etc.
- Be suspicious. Ask yourself if the organization is legitimate and, if so, why they would be emailing you.
- Consider if an offer looks credible. If it looks too good to be true, it usually is.
- Read closely and look for mispelings, capitalization and Punctuation Mistake's,, badly grammar, unprofessional punctuation !!!
- Don't click on links in the body of an email. Go directly to the home page of the organization identified in the link or type the link into the address bar manually. The text of the link might read http://www.willamette.edu, but the underlying link could easily be http://www.steal-my-identity.crime.
- Don't ever give out your password in response to an unsolicited email. If you think it is your bank or your Willamette email account or any other "if you don't do this, you will lose an important part of your life" notification, close the email and call the organization.
Passwords, Passwords, PasswordsTake care of your passwords:
- Use different passwords for different sites.
- Choose passwords that are easy to remember but hard to guess:
- combine upper/lower case letters, numbers and punctuation
- at least 8 characters; length is the greatest predictor of strength
- consider using random phrases or combinations of words
- Don't share your passwords.
- Never send off your password in response to an unsolicited email.
- Change your passwords often; every 90 days is a good rule of thumb.