With millions of spam emails, thousands of malware websites and an unknown number of cyberattacks taking place on the Internet every day, traveling safely through these interwebs is no easy task. Thankfully, MakeUseOf is here to help.
Being a newcomer on the web these days isn’t always a pleasant experience. Setting aside the fact that you’re trying to learn how to do new things like using email or using your new Facebook or Twitter accounts, there are also threats from all sides that you may not be fully prepared for. In fact, the people behind these threats count on people who are more naive about web safety etiquette.
It’s not only security threats that newcomers to the web should be aware of. There are other types of basic etiquette that you should know when starting out your online experience with services like Facebook, installing web apps, and navigating the Internet in general.
Here at MakeUseOf, we’ve offered a number of etiquette guides for things like BitTorrent, using emails and forums, and even Facebook etiquette. In this general mini-guide, the focus will be more about the issues and problems that Internet newcomers commonly face, and how to avoid or deal with them.
One of the most basic parts of using the Internet – browsing websites – should also be the easiest, right? Sure, but it’s not.
When it comes to navigating through websites, there are a lot of landmines and trap doors in places where newcomers find themselves stumbling onto a website that they didn’t intend to visit. How can that happen? Well, most of the time it comes down to how online publishers advertise.
In order to stay in business, websites place advertisements interspersed with content, and unless you know how to recognize those advertisements, you could find yourself clicking on one of those links and ending up on some annoying, spammy sales page. The easiest way to recognize ads is to look for the small blue triangle in the corner of the ad box, or look for some text like “Ads by Google” that identify the area as an ad.
You’ll usually find some sort of indication, because Google has started penalizing sites that try to “camouflage” ads – so some text indicating that it’s an ad area or “sponsored links” will usually reveal the ad to you. Here’s another example from a mainstream site like the NY Times, so as you can see these sorts of “blended” ads are very common. Learn to spot them.
Another tricky sort of ad to watch for is the pop-over ad. Basically when you glide your mouse inadvertently over an ad, it slides open in a much larger area, even covering some of the page content sometimes.
When this happens, you can just about always find an “X” in the corner of the ad, and most of the time that “X” will actually minimize or close the ad window so you can see the content again. This is even the case when the pop-up ad takes over the entire page and covers up all of the content, like this weird full-page ad at wiseGEEK.
Again, look for the “X” in the corner. It isn’t always easy to find, but it’s nearly always there and usually works.
Some people would say that using something like Adblock is the best solution – but as Chris Hoffman, a former Adblock filter developer explains, blocking all ads can end up doing a lot more harm than good. In fact, if the usage rates for Adblock software continue along the trend they are headed today, the Internet will likely become another corporate-run medium, because start-up bloggers and website owners won’t be able to afford launching new content anymore if advertising no longer pays the bills.
So – instead of contributing to this problem by installing Adblock, just learn what ads look like and how to avoid them as you enjoy all of the fantastic free content around the net.
Understanding Fake Websites
One of the most common mistakes that I’ve seen when introducing someone to using the web for the first time, is that they’ll often mis-type the address of a web page. This was worse years ago when you had to type in the three letters “www” before every web address, but these days web browsers are intelligent enough to understand that “www.makeuseof.com” and “makeuseof.com” is the same thing.
In fact, in Chrome and many other web browsers, the URL address bar now doubles as a search box using whatever default search engine is set up in the browser settings. So when you type a single word like “fish” in the URL field, the browser recognizes that this isn’t a web address, so it’ll return search results for that word.
However, it’s still possible to mess up. Type in “gool.com” (a common error when people try to type “google.com” too fast, and you’ll see what I mean.
This is called a “cybersquatter” page. Pages like this are purchased and parked by people or businesses hoping to make a few cents from the unsuspecting people who mistype these website addresses. If you’re lucky it’ll just be a page filled with ads. If you’re not lucky, it could be owned by someone who created a fake page meant to look like the original. You’d find a number of these at web addresses with close spellings to websites like bankofamerica.com, or paypal.com, for example.
How do you know if the website you’ve visited is actually real and not some fake site? Look for the padlock. With most legitimate websites where your private data is at risk, like banking sites or online email services, you’ll find a padlock displayed in either the bottom status bar of the browser (typical with Firefox) or to the left of the URL location field (typical with Chrome).
This status should be displayed somewhere on the browser menu or on the browser status bar itself, not inside or on the web page itself. Typing in the actual URL of a website you want to visit is usually the safest way to access your accounts (rather than clicking on an email link) – so typing URLs is still your safest bet, but just be very careful about your spelling.
Another security measure you’ll find on a number of banking sites is something called a SiteKey. This was developed as a technique by banks to stop the sort of “fake website” hacking that was going on and particularly targeted bank accounts.
When you set up a SiteKey on your bank account, it isn’t just meant to be an annoying extra step in the login process. It’s meant so that you know you’re accessing your own account, because fake website owners would not be able to display the correct SiteKey image for your account, since every account would have a different SiteKey image.
One of the most common techniques hackers use to draw people to their fake websites is a technique called “email phishing“.
Phishing is a very old technique scam artists have been using for many years to try and trick people into thinking that an email they’ve sent you is from a legitimate business. These days, online email services are very good at identifying these sort of spam emails and automatically filtering them into to a spam folder. However, you may still receive some of them in your inbox, and they can look very convincing.
A few things to watch for are links inside of the email telling you to log in to confirm the ID and password for your account, or to otherwise confirm something about your account. There will often be a threat that your account will be frozen or closed if you don’t confirm immediately. PayPal is the most common target for phishing, but major bank customers are commonly a target as well.
Look for unusual links in the email (why would Discover customer service send me to a website link with 18.104.22.168 in it??). You may even notice legitimate-looking things like a company copyright notice – people aren’t allowed to print that unless it’s legitimate, right? Nope.
Your best bet, and the advice that even the bank customer service will give you if you call and ask, is that you should never respond to anything via email when it has to do with logging into any of your accounts. If there’s an issue, you can open up a browser and log into your financial accounts directly. Most banks have an internal messaging system inside of those accounts that they use to communicate with customers. If you don’t see any message there, then you know for certain the email is fake. If you have any doubts, call customer service, but don’ t ever click on an email link to log into any of your online accounts.
Downloading Free Apps
Another area of Internet use that new users often run into issues with is downloading free software. The Internet is filled with really cool free web apps, free services and applications that you can download and install on your computer. Most of the time these applications are completely safe to download, but other times they are infected with viruses, malware or adware that you want nowhere near your computer.
You can play it safe by first researching the software that you want to download to make sure it’s safe. Even though, there are a few roadblocks you’ll run into even when you’re downloading legitimate free software.
The first problem is that the sites where you can get the free software are oven very manipulative about how you actually go about downloading the software itself. Even a legitimate, credible website like CNET has six buttons on the download page that appear to be a legitimate download link, styled just like every other download button on the site.
Only one of the download links is actually legit. Can you guess which?
The secret is to hover over the button and make sure the link it goes to (displayed in the browser status bar) isn’t linking to some ad network, and that it goes to another CNET download page.
An even worse website than this is Softpedia, which places legitimate download buttons dangerously close to the Ad download buttons.
Most ad links on the page also look like they could be links to download the software you’re looking for. They’re not.
Then, on the actual download page, none of the “Download” buttons are actually legit. The download page is actually the “External Mirror” link – which doesn’t stand out nearly as much as those big green Download buttons.
It’s obviously a technique to trick visitors into inadvertently clicking on ads instead of clicking on the legitimate download links. Google, in all its wisdom, still hasn’t done anything to punish larger websites and companies like CNET that still put this sort of ad trickery into practice on its website.
So, be aware that this goes on, and carefully analyze where those buttons link to before actually clicking on them.
Free Software Crapware And Free Trials
One more issue you need to be aware of if you’re planning to download and install a lot of free software off the Internet is the fact that even safe, “legitimate” software comes with a few strings attached. Often one of those strings is that the installer wizard you need to use to install the software has a step embedded into it that will install extra software that you don’t want, if you’re not careful.
The trickery here is that the option selected by default is to install this software – called “crapware” by those familiar with it, because the extra software is usually very low quality and only meant to do things like track your browsing activity for advertising purposes.
The sad part of it is that it’s very easy to prevent this garbage from getting installed on your computer. Just click the option that doesn’t include the installation of that extra software. The problem is that most people just blow on through these installation windows, clicking next-next-next without giving it much thought. Suddenly they discover an odd new adware toolbar in their browser and wonder how it got there. Joining the fightback against these sneaky methods is the only way to realistically combat them.
Another mistake newcomers to the web make when dealing with free software is signing up for a free trial – using a credit card or PayPal account – and then completely forgetting about signing up until the second month comes along and you discover a new charge on your credit card for the software “membership”.
Keep an eye on the sign-up process if you do ever decide to sign up for any soft of “free trial” – whether it’s free software or a free web service. These free trials are usually provided because they count on people forgetting to cancel the recurring charge. Don’t be one of those people (unless you really like the software) – set a calendar reminder to cancel the trial in good time.
Using Social Networks
The last set of common mistakes new Internet users make is on social networks. We’ve actually published a lot of stuff on MUO about Facebook etiquette, but probably the single most common faux pas new users make is posting private information to the whole world.
You see, Facebook has a quick and easy way to see and change whether individual posts are going out to the public, or only your friends and family. It’s that little icon next to your name and date for each post. If it’s an image of people, then it’s only going out to your friends. If it’s the image of a globe, then you’ve just posted that update to the entire Internet.
Hopefully, you didn’t just discover that you’ve been accidentally posting very private information to the world! Luckily, you can go back and change those. Also, if you go into your Facebook settings and click on “Privacy”, you can change the default for your posts from “Everyone” to “Friends” (a very smart thing to do).
There are all kinds of other behaviors to avoid on Facebook, so I highly suggest you browse through our many articles about Facebook behaviors and etiquette. Thankfully, it’s usually easier to stay out of trouble on social networks – they’re nowhere near as dangerous as email phishing or fraudulent websites.
Being new to the Internet doesn’t mean that you have to be afraid whenever you’re online. Just being aware of the sorts of issues outlined above will go a long way toward staying safe and having fun on the net without the danger of putting your identity or your computer at risk.