Skip to content 
CSAM WEEK 4:
How to Surf the Internet Safely Without Losing Your Sanity (or Your Data)
Let’s face it: the internet is basically a minefield wrapped in cute cat videos. One wrong click, and suddenly you’re drowning in pop-up ads, malware, and phishing scams that all promise you’ve “won” something (spoiler: you haven’t). But hey, we live here now, so let’s talk about how to survive without losing your precious data (or your mind).
How to Pick a Good Site from Google (or Bing, if That’s Your Thing)
We’ve all been there: you Google something simple, like “how to bake a cake,” and suddenly you’re scrolling through five ads, three suspicious websites, and one that looks like it was built in 1998. So how do you find a good site without getting burned? Simple[1].
- Look for Trusted Sources: If you’re searching for news, stick to well-known, reputable outlets. If you’re searching for how-tos or product info, check reviews on established sites, not the random blog that was created last month and has zero followers.
- Check the URL: If the website is full of random letters, numbers, or phrases that make no sense, back away slowly. Legitimate websites typically have clean, easy-to-read URLs. Also, “.com” or “.org” tend to be safer bets than weird, sketchy domains like “.biz” or “.xyz.”
- Avoid the Top Ad Results: Just because it’s at the top doesn’t mean it’s the best. Ads are often misleading, and while some may be legit, others are just bait for you to click and end up in a mess of malware. Scroll down to the organic (non-ad) search results. If it’s a good site, it probably doesn’t need to pay for that top spot.
- Read the Snippet: That little paragraph under the link in the search results? Yeah, it actually tells you a lot. If it sounds like broken English or is stuffed with keywords, it’s probably garbage. Aim for well-written, clear descriptions.
- Secure Sites: When browsing, always look for “https” in the URL bar and that little padlock icon. The “S” stands for “secure.” If the site doesn’t have it, it might be snooping on your info.
In short: Use your common sense. If it looks janky, it probably is. Stick with clean, reputable sites, and save yourself from digital dumpster fires.
Use Strong Passwords (Or Better Yet, Passkeys)
How to Surf the Internet Safely Without Losing Your Sanity (or Your Data)Forget weak passwords like “password123” or “ilovecats.” Strong passwords are a must, but there’s an even better solution on the horizon—passkeys. A passkey[2] is a next-gen way of logging in that skips the whole password business. Instead, it uses biometrics like fingerprint or face recognition or authenticators, paired with encrypted keys, to make hacking practically impossible. Anytime a site gives you the option, opt to use your passkey instead of a password.
- No more remembering long, complex passwords.
- No more reusing the same password for every site because you can’t keep track.
- Best part? No one can steal your passkey unless they have your face or fingerprint (and let’s hope no one’s going that far but we do know the police will go that far). If you haven’t started using passkeys yet, it’s time to jump on board. Many services like Apple, Google, and Microsoft already support them, and more sites are following suit.
Speaking of Google, Apple, and Microsoft, you might be wondering about sites that you allow to connect through one of those providers (otherwise known as Social Logins). Social login provides the benefit of not having to create 8 billion passwords across the internet but do come with a risk. With all your eggs in one basket, if an attacker were able to gain control over your social login they basically have a master key to your online life, like your bank accounts. If opting to use social logins, make sure to minimize your risk with the following:
- Keep two step verification enabled at all times!!!!!
- Unlink any unknown or old devices.
- Make a long, complex password (you would only need to remember one).
- Opt to receive notifications if logins occur on a new device so you can quickly tell if the account has been compromised.
CAPTCHAs: The Internet’s Annoying Gatekeepers
You know those little tests that make you pick out traffic lights or type in distorted letters? They’re called CAPTCHAs[3], and yes, they’re annoying. But they’re also a key part of internet security, helping keep bots and automated attacks at bay.
Bots—those pesky automated programs used by hackers—are constantly trying to break into websites, spam forums, or scoop up your personal data. CAPTCHAs act as a roadblock because, for now at least, bots aren’t great at telling the difference between a stop sign and a bus. So, next time you’re grumbling about selecting images of crosswalks, just remember that little test is probably saving your account from a botnet invasion.
Keep Your Software Updated: Because Hackers Love Zero-Days
I get it, those software update reminders are annoying, but ignoring them is like refusing to lock your front door because it’s “too much work.” Updates patch up security holes and protect you from zero-day vulnerabilities[4], which are bugs hackers exploit before software developers even know they exist.
Browsers have been hit especially hard in 2024. Google Chrome alone has dealt with over 30 zero-day vulnerabilities this year, and other browsers like Firefox and Edge haven’t escaped unscathed either. Each one of these vulnerabilities is like a VIP pass for hackers to sneak into your system without an invite.
So, the next time your browser tells you it needs an update, don’t put it off. A few minutes of waiting is way better than dealing with stolen data or a compromised computer.
Don’t Download Shady Stuff
You want that cool free app or cracked version of a game? Sure, and the hackers want your bank info. Stick to trusted sources, like official app stores. If something’s free but looks suspicious, it’s probably free because it’s a trap.
Final Thought: Browse Like You Have Something to Lose
Safe internet use isn’t rocket science—it’s about staying alert and being smart. Stick to trustworthy sites, use strong passwords or passkeys, ace those CAPTCHAs, keep your software updated to dodge zero-day attacks, and for the love of all things digital, don’t click on that flashing “YOU’VE WON” banner.
Stay safe out there!
About the Author
Sara Sofia is a Senior Cybersecurity Engineer at CaseWorthy, with over seven years of experience in the field. Specializing in navigating HITRUST and SOC II controls, as well as Identity and Access Management (IAM) and threat hunting, they are known for their nonsense approach and ability to deliver results. With a Bachelor’s degree from the University at Buffalo, Sara Sofia is a problem-solver dedicated to tackling complex security challenges and ensuring compliance in fast-paced environments.
