DHitMA: Smartly Browsing the Internet

  1. Use at least two different browsers: one for personal work and one for anything that may fall within the concept of DHitMA
  2. Do not wantonly click links: verify where some link points to prior to clicking it (this can be done by hovering over the link, whereafter most browsers will display the destination URL in the bottom left of the browser window)

Compare these two links:

These two links are not the same. Notice that the first link uses the character 'l' (lowercase L), where the second uses a real, English 'i' (lowercase I). This is a very common type of attack, and many users never notice it. It can be more complex and undetectable, using, for instance, an 'i' with an accent mark in place of the dot, which is borrowed from the Spanish alphabet. In cybersecurity circles, this type of attack may be referred to as a form of a watering hole attack, or a poisoned URL attack. The fake site, with a URL almost identical to the real one, will copy the interface to mimic it precisely. Then, dumb users will enter whatever information they usually do (login, credit card, etc.) and their data is easily stolen.

We recommend the reader refer to DHitMA: Internet Browsers and Search Engines for more precise information with regard to safe Internet browser use, and some recommended applications.