Browse the Web Safely at Work

Browse the Web Safely at Work

Browse the Web Safely at Work

Overview

Most cyberattacks start with a web browser. A fake login page, a malicious ad, or a sketchy download can hand over your credentials in seconds. This article covers the safe-browsing habits that protect you and your company every day.

Before You Begin

  • A current browser. Update Chrome, Edge, Firefox, or Safari if you have not in the last month.
  • Awareness of which browser is your company's standard. Some tools work in one browser only.
  • The ability to spot the lock icon in the address bar, plus the full domain name.

Steps

  1. Look at the full domain before you sign in anywhere. Real Microsoft logins live at login.microsoftonline.com. Real Google logins live at accounts.google.com. If the domain looks off, stop.
  2. Type sensitive URLs by hand, or use a saved bookmark. Search results can lead to lookalike sites that pay for top placement.
  3. Use the lock icon as a baseline, not a guarantee. The lock means the page is encrypted, not that the site is honest. Phishing sites have locks too.
  4. Avoid downloading files from sites you do not know. If you must, save them to your downloads folder and let your security tool scan first. Never open a file you did not expect.
  5. Close pop-ups that warn you about viruses, expired licenses, or "your computer is infected." These are always scams. Close the browser tab, do not click anywhere inside the pop-up.
  6. Decline unfamiliar browser extensions. Many extensions read everything on every page you visit.
  7. Sign out of work accounts when you finish on a shared computer. Closing the tab is not the same as signing out.
  8. Use private or incognito mode when working from a hotel computer or kiosk. Better yet, do not sign in to work at all from a kiosk.

Troubleshooting

  • If a site asks you to disable your antivirus to continue: leave the site. No legitimate site needs that.
  • If you clicked a sketchy link by accident: close the tab and tell your security team. Faster reporting limits damage.
  • If your homepage or search engine changed on its own: a browser hijacker may be installed. Disconnect from Wi-Fi and contact support.
  • If a downloaded file will not open without a "decoder" or "viewer": delete it. That is a malware delivery pattern.

Related Articles

Need More Help?

Submit a ticket at support.bostonmit.com or email support@bostonmit.com.

    • Related Articles

    • Handle USB Drives and Removable Media Safely

      Handle USB Drives and Removable Media Safely Overview USB drives, external hard drives, and SD cards are small, but they can move malware or sensitive data faster than almost anything else. This article walks you through safe handling so an innocent ...

    • Stay Safe on Public Wi-Fi While Traveling

      Stay Safe on Public Wi-Fi While Traveling Overview Airport lounges, coffee shops, and hotel lobbies all offer free Wi-Fi. They also offer attackers a front-row seat to whatever you do online. This article shows you how to keep working on the road ...

    • Spot a Social Engineering Attempt

      Spot a Social Engineering Attempt Overview Social engineering is when an attacker manipulates a person instead of hacking a computer. It works because humans are helpful, busy, and trust authority. This article gives you the patterns to spot and the ...

    • Handle Sensitive Information at Work

      Handle Sensitive Information at Work Overview Every company holds information that needs protection: customer details, employee records, financial data, contracts, and internal plans. This article gives you the everyday habits for handling that ...