As we celebrate Data Privacy Day, it is essential to realize that one of the most prominent aspects of end users’ daily lives is constantly exposed online, and most of the time, they do not even realize it. It is surprising to many users that it happens every day with the tools used to surf the internet â€“ the browser. James McQuiggan, Security Awareness Advocate at KnowBe4, shares our need to be cautious irrespective of what browser we use, be it Google Chrome, Microsoft Edge or Mozilla Firefox.
Every day, we use the browser to search for information, look up recipes, shop, watch videos or check email. However, like a refrigerator, or television, we do not need to understand how it works, just that it needs to work. Like our fridges or TVs, it is still essential to understand some of the device’s capabilities and what not to do. You would not leave your fridge door open when trying to cool your house. It will damage the fridge. There are similar warnings and things you should not do with a browser.Â
Be Aware of What You Share
When using an internet browser, it is crucial to maintain a heightened awareness that we leave a digital footprint behind, and clicks can have consequences. End-users should be wary of clickbait or marketing ads that want them to click on ads. These ads can also be hotbeds for cybercriminals, just waiting to trick their victim into clicking. They inject malicious code in the marketing ads that can access our systems. Not all sites or ads are malicious, but it is essential to be aware of clickbait because curiosity is one of those lures in human nature that social engineers and cybercriminals leverage to access our systems and data.
When end-users visit a website, they are unaware of the digital fingerprint they leave behind. It is a specific fingerprint relating to our operating system, browser type, and plugins used. All this information gets collected by the website someone visits and can be sold off to marketing agencies to see the demographics and variety of systems people are accessing.Â
This digital fingerprint also contains:
- the type of browser usedÂ
- the IP address of the computerÂ
- if cookies are enabledÂ
- the language of the computerÂ
- what fonts you haveÂ
- installed plugins
- the operating system
And all of this gets put together into this fingerprint or User-Agent. Various websites can provide this information for someone to be aware of the data being transmitted back and forth. A quick Google search for â€œwhat is my browserâ€ and numerous sites can provide the information for the user to see what is given to websites when they visit them.
There are two recommendations to support and protect against these types of browser dangers:Â
1. Use an ad blocker
Not only will this reduce the ad congestion on some web pages, but it will also cover the end-user when surfing on those styles of pages. There are many different ad blockers, but users should do some research to see which one will work best for their needs and interests. Some are free, some are subscription-based, and some are designed specifically for privacy experts. Their preference is the â€œuBlockerâ€ browser plugin from discussions with various privacy experts.
See More: Why Security Does Not Equal Privacy
2. Protect against digital fingerprinting
Some plugins and browsers can reduce someone’s digital fingerprint when visiting a website. Utilizing these plugins or browsers will not completely hide the information, but it does reduce the amount of information shared with websites that one visits. A quick Google search for â€œdigital fingerprint block browserâ€ will provide information about the various browsers and plugins that users can add to limit their online privacy. Sometimes users think that the privacy tab or incognito mode will protect them. In reality, all it does is prevent the browser from saving the websites in the browser history, and it does not store any of the website files into the system’s cache.Â
With browsers, many people do not realize that it is one of the first things that cybercriminals or malicious hackers go after once they access the system. This is because many people like to save their passwords in their browsers. Their browser may pop up when they enter a username and password the first time and ask, â€œWould you like me to save these credentials?â€ It is a convenience, and unfortunately, that information is now saved in the browser. People may believe it is protected, and it is often not. Cybercriminals can utilize a tool to extract the data from the browser within seconds. The data collected allows them to view any saved user accounts and passwords, bookmarks, cache and anything else held in the browser.Â
Password-Protect Your Data
To reduce this attack risk, end-users should use a password manager to save passwords instead of the browser. Using a password vault will utilize a higher level of encryption and protection, allowing someone to save information about security questions and other relevant information regarding their accounts outside the browser. So, if a system is compromised and browser data is stolen, the cybercriminal can now steal the usernames and passwords. With a password-protected vault, they will not be able to gain access unless they use brute force and attack against it by trying all the permutations of letters, numbers and special characters. To prevent this from being successful, use a very strong password to secure it, and do not forget it. Using a password vault is certainly another way to enforce additional privacy of an end user’s data and protect their information from cybercriminals.
While data privacy day comes around only once a year, we must remember maintaining a certain level of privacy online year-round without exposing too much information. As we continue to surf the web, we must invest time and effort to protect ourselves and avoid getting entangled in it.