Taking steps to protect ourselves and our devices can reduce the risks to our personal details and our money.
Internet users should always keep their browsers up to date and be cautious when downloading extensions, apps or files.
Plus, the simple act of staying cynical every time we do anything on the internet can help us avoid falling into a cybercriminal's trap.
What are the risks when browsing online?
The Office for National Statistics (ONS) found 95% of UK adults had used the internet within the past three months at the time their survey was taken in 2020.
As more people get online, the risks of doing so multiply and evolve. Even the most tech-savvy among us could be hit by new scams as we browse the web and shop online.
There are three major categories of online risk to be aware of, which we cover in more detail below. Bear in mind, there's some crossover between the three categories, especially for more sophisticated scams.
Along with these, there is also the potential for web browsers to be exposed to inappropriate content, especially younger web users.
The Age Appropriate Design Code aims to make companies and websites respect children's privacy: read more about that here or read our full guide looking at whether the Government can keep kids safe online.
We've got a full guide on parental control software for parents and carers too.
Risk 1: Malware
Malware is the collective name for various types of malicious software we may encounter while browsing or opening our emails.
These are some common subsets:
- Viruses which infect our computers when an action is taken (such as an app being opened)
- Worms which infect our computers automatically when a file is downloaded (no need to be triggered by an action)
- Trojans which pretend to be legitimate programs and then damage our computers when used
- Ransomware which locks computers until a ransom is paid
Taking protections and remaining vigilant when we're online can reduce the possibility of this malicious software making it onto our computers.
Risk 2: Phishing
Phishing is the name given to scams where the intention is to steal personal information. This could be credit card details, login credentials or any other personal details scammers may be able to use to run their scams.
Internet users can come across these scams in various settings, but the main ones spoofed websites, emails or text messages purporting to be from a company.
Risk 3: Fraud
Online fraud accounted for 87% of all identity fraud cases in 2019, and there are plenty of opportunities for fraudsters to target people while they're browsing and shopping online.
- Fake shopping websites
- Fake charity websites
- Fake gambling apps or sites
- Fake dating profiles
- Fake listings on sales sites
The goal of fraudsters is to get hold of our money by pretending to be a legitimate website where we make a purchase or persuading us to transfer money through a listing on a marketplace, dating website or a link to one of our social media accounts.
We've got a full guide to understanding fraud and how likely it is.
How to stay safe while browsing or shopping online
Now that we understand the risks of browsing and shopping online, let's take a closer look at how to battle against them.
These are six of the best tools in our arsenal:
1. Use strong passwords
It might be the most common piece of advice for staying safe online, but that's because strong passwords can protect us in numerous ways.
Complex passwords may include:
- Mix of upper and lowercase characters
- Multiple words
They shouldn't include information that is easy to guess such as a family member's name or birthday, nor should they be one word which might easily be hacked.
If creating unique complex passwords for all our logins sounds intimidating (and difficult to memorise), we could use a reputable password manager to store all our passwords, so we only need to remember one.
There are plenty of paid and free password managers out there including:
Always do your research before choosing a password manager and remember the password you choose for your overall password must be memorable or you won't be able to access any of your accounts.
2. Protect your devices
Reliable antivirus software and a good firewall can prevent our web browsing bringing malware on to our devices and stop phishing attempts in their tracks.
There are paid and free antivirus software options available from the likes of:
It's one thing to have quality antivirus software installed on our devices, but we've got to use it properly too.
- Run regular virus scans
- Keep the antivirus software updated
- Pay attention if it tells you something is suspicious
Don't forget that our smartphones and tablets are vulnerable to attack too, and these are often the places where we do the majority of our web browsing, shopping and banking.
3. Always install software updates
We mentioned keeping antivirus software updated above, but there are other programs on our computers and devices we need to make sure are updated too.
The browser we use to access the internet, whether that's Chrome, Firefox, Safari or another, will be regularly updated by the developers to protect against the latest threats.
When a browser prompts us to update, there's a good reason for that. It may be inconvenient, but it's a few minutes of inconvenience that could prevent damage to our computers or help stop us becoming a fraud victim.
Similarly, applications we use every day either through our computer or via our smartphones will periodically prompt us to download and install updates.
If we look at the explanation alongside many of these updates, it will say they're fixing minor security bugs or flaws. Some people won't bother downloading these updates because they don't seem to improve the application they're happy using, but that's not the point: the application might now be a security risk for their computer or device.
4. Beware browser extensions
Browser extensions are useful to undertake quick tasks online like taking a screenshot, applying discount codes or clipping items to online notebooks.
We should always download extensions from trusted sources such as the web browser's own marketplace but be aware this isn't completely fool proof.
Scammers may be able to add malicious browser extensions disguised as genuinely useful tools on to the marketplace, sometimes bypassing the stringent vetting procedures browsers claim they have.
When giving a browser extension permission to do something (as we do when we first install them), check whether the permissions they're asking for make sense.
For example, any extension asking to log secure details such as passwords or credit card details should be treated with suspicion.
5. Protect your personal details
Scammers love getting hold of our personal information, so it's important we take steps to stop that happening.
There are some obvious things we should not be sharing with others online such as:
- Bank details
- Credit card details
- Home addresses
However, we should also be careful about the other things we share online in places such as social media. We may share information about our location or children's names or other identifying information that could be used by fraudsters as part of a bigger scam.
Make use of privacy settings on all websites that offer them and be careful about sharing unnecessarily information online.
6. Practice safe browsing
Safe online browsing and shopping can encompass a whole host of factors. Although some of these tips are second nature to some of us, we're all liable to forget them at times.
Remember these points:
- Always ensure a website where we're making a payment or sharing personal information is secure by checking it begins with "https" instead of just "http"
- Check the websites we visit are spelled correctly and don't have bizarre domain names or unexpected country domain extensions
- Don't click on clickbait links designed to lure us to unsafe websites
- Don't download software from sites unless we're certain they're safe
- If a shopping offer seems too good to be true, it probably is
- If a website requests more information than they need, be cautious
- Don't give anyone else access to our accounts
Fraudsters become more sophisticated as our ways of fighting them become more sophisticated. That's why we have to constantly be on our guard when browsing and shopping online.
Most advice about staying safe while browsing and shopping online can be boiled down to one pro tip: always stay vigilant.
If we understand the mechanics of how scammers work and what information they want to steal from us, we can take steps to protect that information.
At the same time, scams are constantly evolving and flaws we never knew about emerge quickly before they're fixed.
As an example, back in 2019, it was confirmed the Samsung Galaxy S10 had a thumbprint sensor flaw, meaning any thumb could unlock the device if a screen protector had reduced the effectiveness of the sensor.
Although the flaw was quickly patched with a software update, it demonstrated how technology can increase problems as well as reducing them. Biometrics are actually really useful as a way of securing our devices and our accounts, but we all need to make sure we pay attention when reports of flaws come out.
Another example would be Hyperoptic's issues with their routers reported back in 2018. Thanks to all the routers having the same hardcoded root password, it was theoretically possible for cybercriminals to access all routers by persuading individuals to click on phishing links.
Security threats and reports of breaches emerge every day, and it'd be exhausting to stay on top of each and every one.
However, app makers and software companies are required to stay on top of anything that puts their users at risk, so when they ask us to install a software update to fix a security flaw, we should do it as soon as possible.
Conclusion: browse securely
With more of us online than ever before, scammers are trying every trick possible to access our personal details and defraud us.
There are a couple of golden rules when it comes to safe online browsing:
- Be vigilant
- Be cynical
- Be careful
If something seems suspicious for any reason, trust your gut instinct and close the browser window. Don't buy the cheap handbag or download an app or click on a link: just close the browser window and carry on with your day.
Yes, we might miss out on some legitimate opportunities, but we'll avoid far more risks too.
For example, if a legitimate company is wondering why their great offer appearing in a pop-up window isn't attracting attention, they may eventually ask whether they're presenting it in the right way. Companies need to adapt to face the next round of threats: it isn't down to the customer to trust them anyway.