Internet Safety

• The domain name ("www.domainName.com") is inappropriate or obscene
• The domain name is unconventional or strange
• The domain name ends with a dot and two characters, like .cn, .bz, .ru, etc. This designates the website originates in a country other than the United States, and has a higher chance of being malicious as it is not regulated by the US Government. A site ending in .us is United States-based, and .ca is Canadian-based.
• The website has poor English grammar, spelling, or punctuation
• The website is poorly designed or "too" simple given the party's reputation
• The website has too many advertisements
• The website features advertisements that are inappropriate, unethical, or "tricky" in nature
• The website features key words and/or phrases, but not actual cohesive content
• The website pops up a message that your computer is infected with viruses or spyware, and you must take action to fix the issue.

If you believe the company/organization/individual is reputable but the website you are on doesn't appear so, you may be a victim of criminals that take advantage of domain name misspellings. If in question, search for the website using a popular search engine, such as "Google", and follow reputable links from there being careful not to use links found in advertisements.

If you find yourself on a website that isn't reputable - especially if it pops up a message that your computer is infected with viruses and requires immediate attention - leave the website, or close your Internet browser and re-open it. If you cannot close the website for any reason, restart your computer immediately using any means necessary.

Transmitting Personally Sensitive Information

If you've initiated a connection to a reputable website that requires you to submit personally sensitive information (such as paying your utilities online, credit cards, tuition, etc.), make sure you are protected from potential data intercepting criminals by using these tips:

• When entering passwords, ensure your password is hidden with symbols, similar to the following: "••••••". If these symbols are not used, this may indicate the website is not reputable.
• Log-out of the web site, then close your web browser completely when you're done.
• Avoid using features that prompt you to save your credit card or account information, username, or addresses. These features store information on your computer that could later be read by a criminal.
• Before entering personally sensitive information, ensure the website uses encryption.
• Encrypted sites begin with "https://"
• Ensure the site is validly encrypted: Many times you'll see some type of green indicator or closed-padlock icon in your web browser when visiting "https" pages; red or pink text or open/broken padlock icons indicate you should NOT submit personally sensitive information on this page.

	Google Chrome		Microsoft Internet Explorer
Good:
Bad:

Downloading and Installing Programs (including those required to display web sites/pages correctly)

There will come a time when you need to download a program from the internet, or a script or component to view a webpage. Before doing so, remember that viruses and spyware are most commonly transmitted using these methods.

• Only allow content that you initiated; NEVER allow additional or suggested content
• Download content only from reputable web sites (examples: download.com, adobe.com, microsoft.com, etc)
• Stick to main-stream downloads; stay away from strange or obscene file names
• NEVER download software that sounds too good to be true
• Downloading software from sharing services like KaZaA and BitTorrent may expose you to additional risk
• When allowing scripts/content to run, ensure they are "signed". Unsigned items will typically prompt for your permission first before running; be sure to read warnings carefully before overriding actions that were prevented. Unsigned content may expose you to additional risk.
• If still in question, use a popular Internet search engine to find ratings and reviews of the software.

Always double-guess your decision to download software or allow a script or component to run. Re-load the webpage to test that you don't need the script or component. Or, visit another a website that offers the same information. Search additional reputable websites for the same or similar downloads to ensure the download itself is reputable. Only download when you've done enough research on the program, its source, and you feel comfortable doing so.

Safely Sharing Information

Sharing Software and Files

If you'll be sharing software and/or files with someone, it's critical to know where the media has been that will be transferring this information. Ensure your computer software is up to date and you have anti-malware software installed and current, all as described in section two.

Sharing Sensitive Personal Information

If you find the need to communicate sensitive personal information to someone, the best method is in person or over the phone. E-mail may be the worst possible method and by default is in no way secure; saving information in files and transmitting them on CD's or Drives offers minimal protection. If you MUST share information, use a method such as PDF that has optional password encryption before sending files to someone else.

See Also: E-Mail Safety

Passwords & Security

Compromising your password(s) is one of the easiest ways for criminals to gain access to your sensitive personal information. When working with passwords, take the following into consideration:

• Whenever possible, use a "Strong" password. Strong passwords contain not only lower case letters, but also upper case letters, numbers, and symbols (if allowed). Strong passwords should be at least 10 characters. Don't use passwords that contain information about you, for instance birthdates, age, first name, last name, address, hometown, school, favorite color, movie, actor, etc., as these can be guessed more easily. In addition, stay away from words found in a dictionary (of any language).
• Use different passwords for different accounts. If you must re-use a password, use them at similar risk levels. For instance, re-using your E-mail password for your Online Banking is a bad idea, as your E-mail password is more likely to be compromised therefore increasing risk to your Online Banking account(s) as well.
• Change your passwords as frequently as you can easily remember them, at minimum, yearly.
• Never share your password with anyone. If you must share your password, change it immediately afterwards.
• Don't store your passwords on your computer unless a reputable, encrypted password storage program is used.
• Don't allow auto-saving or auto-login of information or passwords used to access personally sensitive information.
• Lastly, don't use the same passwords at work as you do at home.

If you believe your computer, or data on your computer, has potentially been compromised:

1. Shut your computer down using any means necessary.
2. If you must continue to use the computer, disconnect it from ALL networks including home and wireless networks, and the Internet.
3. Disconnect and do not use any computer external media, including hard drives, flash drives, etc. that were plugged into the computer in question.
4. Use another trusted computer system to change passwords for any critical websites like online banking, online utilities, credit cards, etc. Do not use any passwords that you had previously used.
5. To prevent issues from spreading to your friends and family, use another trusted computer to change your password for all of your E-mail and social networking systems. Don't use any passwords that you had previously used.
6. Keep an eye on your financials, like online banking and credit/store card accounts, etc, for several months. Criminals may give you a false sense of security by holding onto your information for several months before actually using it.
7. If you believe your financial information was jeopardized, contact your financial institutions immediately.
8. Take your computer (and any devices previously connected to it, including disk drives, flash drives, etc) to a local computer repair shop for inspection and malware removal. Spending $50 to $100 or more for this service has the potential to save several hundreds of dollars more in fraud, time, and frustration in the future. Make sure to ask your technician to provide you with a detailed list of any malware found and the implications of that malware so that you can communicate these to help assist your financial institution(s) and potentially law enforcement.