By Leonard Wills, NERC CIP Reliability Specialist

In today’s digital age, the internet remains an indispensable resource, providing users with numerous sources of information, goods, job opportunities, and other services. As of April 2024, 5.35 billion people use the internet, which equals sixty-six percent (66%) of the world’s total population. Unfortunately, with this number of users, the internet remains vulnerable to cyber threats and malicious actors. A study by the University of Maryland reports that a web attack occurs approximately every 39 seconds. 

Consequently, people must exercise vigilance when visiting websites. Without this vigilance, they increase their risk of falling prey to cyber-attacks. User error remains the primary factor in most cybersecurity breaches. Malicious actors use methods like the following to compromise websites, steal user credentials, gain unauthorized access to systems, and engage in other nefarious activities: 

1. Shortened URLs: A shortened URL obscures the destination link, allowing malicious actors to disguise harmful websites and spread malware to steal sensitive information. 

2. Look-alike Domains: These domains mimic legitimate websites by using similar characters and spellings. Malicious actors use them to trick users into providing sensitive information or to spread malware. 

3. Drive-by Downloads: This attack refers to the unintentional download of a virus or malicious software onto a user’s computer or other electronic device. It exploits browser vulnerabilities and installs infected files while the user passively views the website. 

4. Malvertising: This attack involves scammers injecting malware into legitimate ads. When a user clicks the ad, the malware installs itself on the user’s computer, potentially damaging files, monitoring activity, stealing confidential data, or installing backdoor access points. 

5. Trojan Horse: This type of malware disguises itself as a harmless or helpful file but contains a malicious virus. 

Here are some tips internet users can follow to reduce the risk of falling prey to cyber threats while navigating the web: 

1. Use HTTPS: HTTPS (Hypertext Transfer Protocol Secure) encrypts data, making it harder for scammers to capture and analyze user information. While this protocol does not guarantee a website is safe, it does indicate that the website uses encryption to secure data. 

2. Ad Blockers: Ad blockers reduce the likelihood of encountering malicious ads by blocking them. They can also block tracking scripts that advertisers use to monitor online activity. 

3. Hover First: Before clicking a link, hover the mouse cursor over it. This action will display the destination URL near the cursor or on the bottom left of the screen. 

4. Download from Trustworthy Websites: Users should only download from reputable websites, which are less likely to contain malware or other malicious software. 

5. Scan Downloads: Use antimalware software to scan downloads to mitigate the risk of malware spreading to a computer or electronic device by detecting and removing hidden threats before the file downloads. Additionally, antimalware software can alert users to avoid downloading suspicious files.