SWITCH Security-Blog

SWITCH-CERT IT-Security Blog

Jekyll or Hyde? Better browse securely


A Guest Article by Stefan Lüders.*

Surfing the web is like walking through London in 1886. Usually you meet the nice and lovely Dr. Jekyll, interact with him, and all is fine, cosy and perfect. But in other circumstances, during the night, you might run into the evil and malicious Mr. Hyde. He just wants your money and your secrets, or to abuse you. As in the novel by Stevenson, the good and the bad web pages can be very close together.

Most web pages are there to inform you or to provide you with a service. But one click away, one Google page down, there are nasty pages aiming to steal your password, infect your computer, or lull you into disclosing personal information.

Therefore, recall:

STOP — THINK — CLICK!

should be the paradigm when browsing the Internet. If you are offered a link which looks strange or contains gibberish (like http://211.268.156.277/.PayPal/cgi-bin/wbscrcmd_login.php), ignore it! It is always better to type simple, comprehensible web addresses like “www.paypal.com” than to click on obscure links. If you are asked for your password, be vigilant and reflect on whether this is justified. Also check first whether the connection is secure, i.e. that the web address starts with “HTTPS” and not just with “HTTP” lacking the “S”. Otherwise, private correspondence and passwords might be intercepted by a malicious third party.

Also take care when typing the web address. “CERN.CH” is of course not malicious, but you are just one typo away from accidentally entering “CERN.CG”, “ERN.CH” or “XERN.CH”. These are not under our control… Many companies have bought those so-called “Doppelgänger domains” or “typo domains”. Thus, be vigilant here, too!
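The checks described above can be automated before a link is opened. The following Python sketch is an added example, not part of the original article: the `TRUSTED` list, the flag names and the functions `one_typo_apart` and `check_url` are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: the short list of sites this user really visits.
TRUSTED = ("cern.ch", "paypal.com")
# Matches anything shaped like an IPv4 address, even with out-of-range
# octets such as the article's 211.268.156.277.
DOTTED_QUAD = re.compile(r"^\d{1,3}(\.\d{1,3}){3}$")

def one_typo_apart(a, b):
    """True if a becomes b by one insertion, deletion, substitution or adjacent swap."""
    if a == b or abs(len(a) - len(b)) > 1:
        return False
    i = 0
    while i < min(len(a), len(b)) and a[i] == b[i]:
        i += 1                      # skip the common prefix
    if len(a) == len(b):
        if a[i + 1:] == b[i + 1:]:  # one character substituted
            return True
        return a[i:i + 2] == b[i:i + 2][::-1] and a[i + 2:] == b[i + 2:]
    if len(a) > len(b):
        a, b = b, a
    return a[i:] == b[i + 1:]       # one character missing from the shorter name

def check_url(url):
    """Return the warning flags raised by a URL; an empty list means none."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    bare = re.sub(r"^www\.", "", host)
    flags = []
    if parts.scheme != "https":
        flags.append("not-https")
    if DOTTED_QUAD.match(host):
        flags.append("ip-literal-host")
    for trusted in TRUSTED:
        if one_typo_apart(bare, trusted):
            flags.append("one-typo-from:" + trusted)
        brand = trusted.split(".")[0]
        # Brand name shows up in the path although the host is someone else's.
        if brand in parts.path.lower() and brand not in host:
            flags.append("brand-in-path-only:" + brand)
    return flags

if __name__ == "__main__":
    for u in ("http://211.268.156.277/.PayPal/cgi-bin/wbscrcmd_login.php",
              "https://CERN.CG/", "https://www.paypal.com/"):
        print(u, check_url(u))
```

An empty result only means that none of these particular warning signs were found; it does not show that a page is trustworthy.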

Stefan Lüders

* Stefan Lüders, PhD, graduated from the Swiss Federal Institute of Technology in Zürich and joined CERN – the European Organization for Nuclear Research – in 2002. Today Stefan is heading the CERN Computer Security Incident Response Team. You can reach him via e-mail stefan.lueders at cern.ch.
