Surf safely to avoid making waves at work

While most would-be surfers take adequate precautions before tackling the big wave, many surf the Internet without discriminating between safe and unsafe destinations.

Safely surfing the Internet requires a protocol somewhat similar to its watersport counterpart- use common sense, be observant, and avoid potentially dangerous areas.

Most websites are legitimate and conduct their business openly. However, a growing number are spreading viruses and malware to unsuspecting visitors. In turn, these problems can spread throughout an organization, causing such issues as slowdowns or complete loss of Internet access, pop-up ads that interfere with normal operation or web browsing, slow PC operation, and repeated system crashes.

Following are some workplace tips to help you avoid being victimized:

1. Be wary of official looking messages. A common ploy used by nefarious website developers is to reproduce Microsoft Windows messages, which may look genuine. If you click on any button besides the “X” in the upper right corner, you may inadvertently download and install software that you do not want or need. By clicking “Next,” “OK,” or even “No” or “Cancel,” you could trigger an event that will allow someone to capture all the characters that you are typing, or launch unwanted pop-up ads. If you are presented with one of these windows, you should always err on the side of caution. If unsure, ask your IT support staff or consultant before you start randomly clicking.

2. Avoid illegitimate websites. It is tempting to visit sites that are funny, or offering too-good-too-be-true items. Be careful when visiting such websites, as these are frequently the source of many Internet related troubles. Generally, steer clear of sites offering free software, jokes, gambling, porn, or music/movie-sharing.

3. Monitor software downloads. Downloaded software can help increase your productivity, but it also can cause problems. Make sure to:

a. Consider the source. Is it from a reputable company? Is the website address spelled properly in your web browser (e.g.,, not Do a Google search and see what else you find regarding the software. For example, check to see if industry trade sites have written favorable articles about the software;

b. Run up-to-date anti-virus software. As you download the program, your first (but not your only) line of defense is your anti-virus program;

c. Uninstall the application once you no longer need the program (go to the Control Panel, Add/Remove Programs module and uninstall the application).

4. Avoid fake spyware/malware removal tools. Many websites claim to have the best tools for removing spyware and malware. Often, these are used as a payload to launch spyware and malware. Never install or run these programs unless your IT staff/consulting firm has specifically recommended them. If you lack a support team, check such credible sources as PC Magazine or C|Net to see if the program is legitimate and favorably reviewed. Do not pay for any software unless you are sure it is a good program from a legitimate source.

5. Avoid peer-to-peer (P2P) software in the workplace. Peer-to-peer software allows users to share files, such as music, movies, videos and software. Files stored on your computer are accessible to other users of the service to download directly for themselves. Then, they become an additional download point for other web surfers to find that same file (e.g., a Dave Matthews song, or the latest movie with Reese Witherspoon). Napster, LimeWire, and KaZaa are examples of P2P services. Warnings:

a. Never use P2P on an office computer, as it will compromise files on your corporate network;

b. This software usually comes preinstalled with other malicious pieces of software;

c. Downloading big files can take up a large portion of your Internet bandwidth, affecting all staff;

d. You run the risk of breaking copyright laws which could expose you and your company to prosecution.

6. Protect Internet banking security. Never get complacent about the security of financially-critical sites. As such services as online banking and billpaying have become more commonplace, users tend to become too lax about the processes. Stay vigilant:

a. Create long complicated passwords (if possible more than 10 characters). Mix upper and lower case letters with numbers and symbols. Do not write this password down – once someone finds it, your account may be cleaned out within minutes;

b. Do not trust emails or phone calls that supposedly come from your bank. If you receive a call, tell them that you will call right back – and call a number you know is legitimate. If you receive an email about your account, don’t click on any links in the email. Instead, start a new web browsing session and click on the bookmark or known address for your bank. Then, check the details of the email independently;

c. Understand your liability when using Online Banking and Bill Pay services;

d. Never use a public computer if you can help it. If you must, then change your password as soon as you get to a private computer. You have no idea where that computer has been, who has been on it, or what is running;

e. Click on the Logout, Logoff, or Close icon provided by the bank—ensuring that someone doesn’t come in behind you and access your account.

7. Exercise care when shopping online. Without a brick-and-mortar presence, online stores can be tricky. Before handing over your money and confidential information, be sure you’re dealing with a reputable company:

a. If you are considering a new store, search for it on Google to make sure it has a presence;

b. Get recommendations from friends and colleagues;

c. Avoid deals that appear too good to be true;

d. Use a credit card rather than a debit card – you are covered with better protection;

e. Understand your liability in such areas as recurring charges, refund/exchange policies, and restocking fees—because an ounce of prevention here can be worth a pound of cure.

Before surfing in unfamiliar or potentially unsafe Internet waters, check them out. Your workforce and corporate productivity will thank you.