What should I pay attention to online? A Google expert explains this on the occasion of European Cybersecurity Month.
As part of the European Cybersecurity Month in October, users have been made aware of how to use the Internet carefully and thoughtfully since 2012. To mark the month of action, the news agency spot on news asked a Google expert, among other things, what he pays particular attention to in everyday life when it comes to the Internet – and what he considers to be the most common dangers.
Threats from phishing to malware
For users of browsers such as Google Chrome, Mozilla Firefox or Apple’s Safari, phishing “unfortunately continues to be the biggest threat,” explains Dr. Jochen Eisinger, Director of Engineering for Chrome Trust & Safety at the Google Safety Engineering Center Munich. “Phishing is a method in which attackers create fake websites, which in turn resemble real websites, in order to trick users into revealing personal information such as passwords, credit card numbers or account details.”
Eisinger also gives an example in this context: “A typical example is a fake email from a bank or other service that asks users to click on a link and log in. However, the link leads to a fake website and hackers have access to personal data with a careless click.”
“Another typical threat is malware,” explains the expert. “Websites contain malicious code that aims to install viruses, Trojans, etc. on the user’s computer. Last but not least – passwords: One of the most common methods to hack an account is password theft. A lot “Too often we still use the same password for multiple sites or use weak ‘Password1’ style passwords.”
More security: updates and vigilance
The threat of phishing can be prevented “above all by keeping a watchful eye and software updates. In order to recognize and prevent such attacks, attention should first be paid to unusual or suspicious sender addresses. Phishers often try to imitate legitimate addresses by making slight differences or typos use.”
“In addition, you should never click on links in unsolicited emails or open attachments,” emphasizes Eisinger. “It is also important to keep operating systems, browsers and all software applications up to date, as these warn of known phishing sites and filter suspicious emails.”
In Google’s in-house browser Chrome, which recently celebrated its 15th birthday, “the Safe Browsing function takes over, which also protects against malware. To use passwords securely, I recommend using a password manager: strong, unique passwords can be created for everyone Online service can be created and stored.”
Extensions as a gateway?
You should also be careful with browser extensions. “Extensions are small additional programs that expand the functions of browser applications. Even if many browsers have already included numerous functions of former extensions, such extensions are still current and popular – but can also be a gateway to online risks,” warns Eisinger, who advises only installing them from official and secure sources.
“Users should also check the requested permissions of each extension. If the permissions do not match the functionality of the extension, caution is advised. It is also advisable to check when the extensions were last updated. Regularly updated extensions show that the developers Developers are active and take care of the maintenance and security of the extension.”
The Google expert relies on this standard
Are there other options or security functions that the expert also relies on privately? “It’s clear: I have set up two-factor authentication (2FA) for all my activities on the internet and – where possible – I use passkeys. I also carry out regular security checks, such as checking third-party apps that “Have access to my accounts. When I no longer need these apps, they will be removed.”
Two-factor authentication is intended to ensure that the person pretending to be the user is actually sitting in front of the screen. Users have to prove that they have authorization for access in two different ways. The first factor is usually the corresponding password, the second is often a type of confirmation code that can be accessed via an app or SMS on the smartphone.
Chrome security features
Eisinger recommends the “Safe Browsing” feature to Chrome users. The feature is enabled by default and works in the background while users surf the web. It provides protection against websites that have been classified as harmful or fraudulent, for example through a clear warning. Safe Browsing has different levels of protection that can be customized . ‘Extended Protection’ – the highest level of protection – also checks downloads for dangers, for example.”
“For better orientation of your own security settings, there is now the ‘Data Protection Guide’ in Chrome, which can be found under ‘Privacy and Security’ in the settings. If you would like to find out about the advantages and disadvantages of the individual settings, “You should click through the guide,” suggests Eisinger.
The passkeys mentioned above are now “a safer and simpler alternative to traditional passwords. This allows users to log in to apps and websites in the same way they unlock their devices: with a fingerprint, a facial scan or a PIN for the password Screen lock. Passkeys can be easily created directly in Chrome in the password manager and are stored locally on the computer or smartphone. This makes the method phishing-proof.”