In-depth

How to immunise your browser from the latest security threats

The best web extensions to boost your privacy, security and browsing speed

Security bug

In order to prevent your data from being stolen and misused, it's essential that internet users take the steps to protect their browsers from the latest net nasties.

Given the variety of threats out there, users need to be prepared to thwart attackers from all directions, whether that be malicious ads, hidden software, unwanted cookies, phishing scams, and even rouge extensions masquerading as legitimate tools.

Advertisement - Article continues below

In order to make things easier, we've pulled together some of the best tools available to help you immunise your browser from the most common threats.

Avoid phishing scams and malware

Even with antivirus software running in the background, it's still wise to create an additional layer of browser security by installing Windows Defender Browser Protection or Avast Browser Security, which are available for all the major browsers. Like their antivirus counterparts, these 'all-in-one' extensions constantly scan for malicious code, suspect links and phishing attacks, and check threats against continually updated lists.

Avast Online Security helps you steer clear of dodgy websites

You'll find more settings in Avast Windows Defender only features an on-off button and it also adds a traffic light system to Google search results, so you can check a website's reputation before you click the link. This red-amber-green display is similar to BitDefender's anti-phishing, anti-malware extension TrafficLight a tool that also reveals when you're being tracked and analysed by a website.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Each tool clearly communicates potential hazards. Hostile sites are locked behind unmissable warning signs, and you can opt to run to the safety of your homepage, rather than risk infection or stolen data.

Block online trackers and spying ads

Every site you visit and link you click creates information that a website or third-party can use to identify and analyse you. At best, this means your data is flogged to marketers who target you with 'relevant adverts'. In the worst case scenario, it leaves you wide open to identity theft. And either way, you're likely to suffer a slow-down when too many ads follow you around the web.

Popular multi-browser ad-blockers Ghostery and uBlock Origin both let you mask your digital footprint. Constantly running in the background, these check for advertising and analytic trackers on every web page you visit, before blocking them.

Ghostery helps you become an untraceable shadow online

Ghostery is the more user-friendly of the two. It's available for most browsers, has its own Android and iOS apps, and provides useful at-a-glance info. However, uBlock Origin's standout feature, Element Picker, lets you permanently block all sorts of sluggish or suspect website elements including sidebars and comment sections.

Advertisement - Article continues below

Alternatively, try Privacy Badger. Created by the same folks behind HTTPS Everywhere, this 'smart' tool learns to recognise and block new trackers as you browse so, unlike rivals, there's no need to create whitelists and blacklists.

Defend your browser against CDN threats

One of the chief reasons why a website may be deemed risky is because of its Content Delivery Networks (CDN) a system that populates web pages with content like adverts and images from multiple background sites; sites vulnerable to hackers.

Decentraleyes available for Firefox, Chrome, and Opera dodges these centralised networks. And by cutting out the highly exploitable middle-man, the extension is able to protect you from malicious software hidden within background content.

Use Decentraleyes to dodge risky content

Advertisement
Advertisement - Article continues below

Given their widespread popularity, most attempts to circumvent CDNs cause a web page to break, but Decentraleyes sneaks past this problem, tricking sites into displaying the extension's own bundled local files that 'plug the gap'. The tool is also designed to play nice with other privacy-enhancing extensions, including uBlock Origin, uMatrix, and Cookie AutoDelete.

Evade dodgy scripts on websites

Executed scripts is another reason why so many websites are at risk. Security experts revealed that hackers use "scripting capabilities for iframe redirects and malvertising links to compromise web browsers".

Advertisement - Article continues below

You can protect yourself from this threat by using an extension such as uMatrix, which grants you the power to instantly stop sites running media, CSS, scripts, and frames.

uMatrix gives you full control over shady scripts and malign media

The matrix-based interface appears advanced, but it's deceptively simple: open up uMatrix on a specific website to see a detailed grid of running HTML elements, then click the lower-half of a box to block an element, or permit a process by clicking the top-half. You can implement global settings across all sites is activated by clicking the asterisk symbol (*), then selecting preferences.

By controlling individual elements, you can tighten security and still ensure every site works. For example, blocking certain scripts on the Google Play Store removes the See More buttons, making navigation a nightmare, so a blanket ban on all scripts would make the site unusable.

Banish unwanted cookies

Cookies aren't all bad they're the reason you don't have to type out your favourite web addresses or remember all your passwords, after all but they still help advertisers doggedly track you around the web.

Advertisement - Article continues below

Although we understand the popularity of browser extensions that remove irritating cookie notices such as the excellent I Don't Care About Cookies these are 'out of sight, out of mind' tools that won't protect you while browsing the web. For greater control over cookies on your machine, first check your built-in browser settings all major players feature the ability to clear cookies at the end of your session, when you exit the browser.

Ditch the cookies to stop being tracked around the web

Chromium-based browsers like Chrome, Opera and Brave keep this option in Settings, Advanced, Content Settings, Cookies, where you can toggle the switch marked 'Keep local data only until you quit your browser'. For Edge users, click Settings, and under 'Clear browsing data', select 'Choose what to clear' and turn on 'Always clear this when I close the browser.' In Firefox, visit the Privacy & Security settings, locate 'Cookies and Site Data', then use the drop-down menu to keep cookies until 'Firefox is closed'.

Advertisement - Article continues below

The Cookies AutoDelete extension for Chrome and Firefox streamlines the process further. One click lets you automatically clean up your cookies; whitelist or greylist specific sites; and select preferences that clean out cookies when, for instance, you visit new domains or open the browser.

How to tell if you're running a rogue extension

Browser tools gone bad are capable of stealing all sorts of private data from you - and most extensions have near-unlimited access to your personal data and browsing habits. No wonder Google are tightening up extension development.

The easy way to place unsafe extensions under lock and key

Extension Police checks your extensions are safe by auditing every add-on for potential security threats. Install it in Chrome or Vivaldi and the tool checks what each extension can do and how it affects your online health. Each permission you've granted is given a traffic light score: red for hazardous, amber for suspicious, and green for safe. You're then prompted to take action based on threat level.

Featured Resources

Top 5 challenges of migrating applications to the cloud

Explore how VMware Cloud on AWS helps to address common cloud migration challenges

Download now

3 reasons why now is the time to rethink your network

Changing requirements call for new solutions

Download now

All-flash buyer’s guide

Tips for evaluating Solid-State Arrays

Download now

Enabling enterprise machine and deep learning with intelligent storage

The power of AI can only be realised through efficient and performant delivery of data

Download now
Advertisement
Advertisement

Recommended

Visit/security/355013/10-quick-tips-to-identifying-phishing-emails
Security

10 quick tips to identifying phishing emails

16 Mar 2020
Visit/business-strategy/mergers-and-acquisitions/354941/panda-security-to-be-acquired-by-watchguard
mergers and acquisitions

Panda Security to be acquired by WatchGuard

9 Mar 2020
Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/security/privacy/355155/zoom-kills-facebook-integration-after-data-transfer-backlash
privacy

Zoom kills Facebook integration after data transfer backlash

30 Mar 2020
Visit/infrastructure/server-storage/355118/hpe-warns-of-critical-bug-that-destroys-ssds-after-40000-hours
Server & storage

HPE warns of 'critical' bug that destroys SSDs after 40,000 hours

26 Mar 2020
Visit/software/355113/companies-offering-free-software-to-fight-covid-19
Software

These are the companies offering free software during the coronavirus crisis

25 Mar 2020
Visit/cloud/355098/ibm-dedicates-supercomputing-power-to-coronavirus-researchers
high-performance computing (HPC)

IBM dedicates supercomputing power to coronavirus research

24 Mar 2020