Re: Good Browsing Hygiene, was: Kaspersky antivirus, how accessible?

Arianna Sepulveda

Brian, thanks for all your great info! I'm not sure if this'll do the trick, but if "i right-click a link, I see something called view source or something like that. Could this possibly let me view the actual link, and not just the words the person has used? I mean, would this let me view the actual URL, like ebay4com/bladybla, and not just white socks? I hope this makes sense.


On Apr 5, 2016, at 10:07 AM, Brian Vogel <britechguy@...> wrote:

Ari Sepulveda asked, "So, what exactly does good browsing hygiene entail? I've heard a lot about this over the years, but I've never really understood what it means."

This is an excellent question that has no absolutely precise answer, but there are some general guidelines.

Most of "good browsing hygiene" revolves around analyzing what you're clicking on before you click on it, most specifically links.  These days, and for legitimate reasons, most links are not presented as what I call naked links, in full http plus address format, but using click through text.  This is very convenient, as it tells you much more about what the intended point of clicking is, but it can also mask attempts to get you to click on something that "looks legit" but is intended to take you somewhere that will infect your machine with malware or spyware.

The first thing you need to do before even thinking about clicking any link is to, "Consider the source," as far as the person or entity who provided it to you.  If you are browsing the New York Times website, or Amazon to shop, or eBay, or an e-mail message sent to you by a person you know or a company you do business with that doesn't set off your "something's not quite right about this message" radar, you can be quite safe in assuming that clicking links in those circumstances will be perfectly OK.  One could drive oneself crazy checking each and every link one clicks when the chance of a malicious one coming from "a legitimate source" is really quite small.  If you have any suspicion, then do double check.  I know that there is some way, when you are sitting on a link presented via click-through text, to make your screen reader actually read the "naked" version of the link itself.  When I hover over one the "naked" version of the link shows up in the status bar at the bottom of my web browser, but I'm somehow missing how to make NVDA read that information.  The same things shows up there if I use the INSERT+F7 feature, list links, and then "Move To" a given link.

If you have any reasonable suspicion that a link might not be taking you where you think it might, it's worth getting the "naked" version of the link announced.  If you have a link, for instance, that appears to be taking you to an eBay item listing, but when you have it announced doesn't include "" or "" anywhere in the link you can almost be assured that someone's trying to take you down the garden path, and said garden won't be full of anything but cyber-weeds.  This idea applies generally in that you can get a sense of whether you recognize where a link wants to take you.  Here's a real-world example taken from the Spam folder of my own e-mail account (which was put there because Google's filter's already identified it as a suspicious e-mail). Let's presume it didn't get filtered, though.  That e-mail has the title, "Attn:Your CVS ExtraCare-Store Card(s), Has Just Been-Updated. Must Be Confirmed by April 10th. #4413"  The title itself should arouse suspicion, since it uses syntax (the parenthesis s is one give away, the weird hyphens another, and the "#4413" at the end a third), and it does.  It contains a link where the click-through text reads, "Go Here to Confirm Your New CVS Extra-Care Reward-Card."  First, the link itself is suspicious because it spells Extra Care as two words with a hyphen between (and, I  know, this may not be something obvious if you can't see it, but I want to include all hallmarks) when CVS itself always uses a single word, ExtraCare, with the E and C capitalized, when referring to its program.  It has a hyphen between reward and card, which is completely unnecessary, and it uses the singular while the message title used the parenthesis S bit.  Finally, if you take yourself to that link and hover over it, what you get shown is a URL that is only 10 characters long and has CVS nowhere to be seen.  All of these things tell you that someone is trying to take you somewhere and to get you to do something you should not be doing.  In this case I'd suspect it's trying to get you to enter personal information as part of an identity theft scheme, but there's no way I'm clicking to find out.

What it boils down to is to, "Consider the source," take a closer look if the source may be OK but also might not be, and never to click unknown links from unknown sources, period.

Also, avoiding things like porn websites (not all are spyware/malware havens, but many are) or clicking through on anything in a pop-up that didn't clearly pop-up because you did something where a pop-up window would be expected, e.g., clicked on an "edit your contact information" button and the contact information comes up in a pop-up window, all of which you're doing on a website you already know to be legitimate.

Reasonable caution and looking out for yourself rather than trusting and/or falling prey to "Ooooooh, shiny!" syndrome in terms of clicking random links without seeing if they appear legitimate first.  This forms the basis of good browsing hygiene.


Join to automatically receive all group messages.