TABLE OF CONTENTS

Pretty much everything you do online has to be done through a web browser these days. Many of the sites you visit are perfectly safe, but every so often you’ll come across an unsecure or malicious website that will leave you open to having your information stolen, or worse yet, actively try to steal it or damage your computer. It’s important to know that you’re browsing trusted websites, so follow these tips to keep yourself safe when browsing.

Am I Browsing a Safe Website?

Properly secured websites will have what’s called a security certificate that tells you that the site is safe and any information you exchange with it will be kept safe from prying eyes.

Check the Address Bar

You can check the validity of a site’s security certificate by looking for the following things in the address bar:

  1. The site’s address starts with https:// - In some browsers, like Google Chrome, you might need to double click the address of the site to get this to show up. The “https” means that the site is secured (hence the "s") with a certificate. If the site address starts with just “http” instead, you can try changing it to “https” to see if there is a secure version of the site. If the "http" version is the only one that works, your connection to the site isn't secure.
  2. It should be the site you expect – Double check the site’s address. Many web addresses may begin in a way that’s new to you, but does it end in the site you expect? For instance, if you’re banking with JPMorgan Chase, the site address should end in “chase.com.” If it ends in something else, you could be on an unsafe website. Don't enter any information or passwords until you've confirmed that you're in the right place!
  3. There is a locked padlock icon in the address bar – Secure sites also have an icon somewhere indicating whether or not it’s secure. Usually, this icon is a padlock. When it’s locked with no lines through it, the site is secure. If there’s a line through the padlock, or the icon is replaced with a warning sign and/or the text “Not Secure,” tread with caution! Sites with those icons are not secured, and any data you exchange with it could be intercepted.

 

This connection is secure. You can share information with this site.

This connection is not secure. You shouldn’t share any information with this site.

 

 

You can click the padlock for more information on the site. If you click it and it says the connection is secured, the site is safe.

A secure connection will show you something like this.

An insecure connection will show you a warning like this one.

 

4. Look for blocked popups – A site that’s trying to do something fishy might try to produce popup windows. You can see if it did from the address bar, which will show you any blocked popups. Sometimes popups are legitimate, but if you didn’t expect one, you should proceed with caution.

 

A picture containing text Description automatically generated

Oh No! Do I Have a Virus?!

Probably not! Some sites will attempt to trick you into thinking that you have a virus. Fake virus warnings are big, colorful, loud, and generally obnoxious. They will use vague wording, have poor grammar or spelling, and try to coerce you into immediate action. Sometimes their call to action will include calling a phone number, downloading a program, or paying money. Don’t do anything these virus warnings tell you to do!

Graphical user interface Description automatically generated

Again: ANYTHING THAT LOOKS LIKE THIS IS FAKE!

On your work system, a real virus warning will come from Windows Defender. It will appear in the lower right corner of the screen and look something like this:

Graphical user interface, text, application Description automatically generated

When In Doubt, Contact IT

If you come across a virus warning you’re not sure about or website you think might be unsafe, take a deep breath (we'll get through this, I promise), and then do the following:

  1. Don’t click on anything in there – If the virus warning isn’t real or the site is unsafe, it could damage your computer or compromise your information. So err on the side of caution and don’t click on any links or buttons.
  2. Take a screenshot if you can – Screenshots help us determine what’s going on. A picture is worth a thousand words, as they say.
  3. Contact the IT Helpdesk – Whether you got a screenshot or not, reach out to the IT Helpdesk immediately and provide as much information as you can about your concerns. We’ll help you figure out if there’s a threat and what to do about it.