December 2022 - GlassWire Blog

About Chris Taylor: Chris is on the Community Review Board for SANS’s OUCH! (the security awareness newsletter designed for everyone), has given over 470 computer-related presentations at the Ottawa Public Library, and is President of the Ottawa PC Users’ Group.

To browse the web, we all know that we should use https (which uses an encrypted session) rather than http (which does not use encryption), even though it’s not a panacea. See my Cybersecurity News article What does https really mean? https://mailchi.mp/glasswire/glasswire-monthly-newsletter-glasswire-is-about-to-reveal-your-ports.

Many sites are set up to automatically switch from http to https. Try browsing to http://google.com and it will switch to https://google.com. But some sites support both http and https and don’t automatically switch. In June 2021 Microsoft introduced an experimental feature called Automatically switch to more secure connections with Automatic HTTPS in Microsoft Edge v92 and announced it in the Windows Blog at https://blogs.windows.com/msedgedev/2021/06/01/available-for-preview-automatic-https-helps-keep-your-browsing-more-secure/. Even in Edge v106 (current as of this writing), the feature is still buried where you have to be pretty deliberate to enable it.

In the address bar in Edge, type edge://flags/#edge-automatic-https and hit Enter. Set the entry Automatic HTTPS to Enabled and restart Edge.

In the address bar in Edge, type edge://settings/privacy and hit Enter. Scroll down to the Security section and toggle on the option Automatically switch to more secure connections with Automatic HTTPS (1 in the screenshot below). You then have two options; Switch to HTTPS only on websites likely to support HTTPS (2 in the screenshot below) and Always switch from HTTP to HTTPS (connection errors might occur more often) (3 in the screenshot below).

I am not sure if the first option works all that well (don’t forget this was enabled through an “experimental” option). I don’t like the wishy-washy nature of the word “likely”. It does not work with http://www.example.com even though the site supports https://www.example.com . Even odder perhaps, http://example.com does switch automatically to https://example.com. The second option: Always switch from HTTP to HTTPS (connection errors might occur more often) seems more aggressive, switching both http://example.com and http://www.example.com to their https equivalents.

Given the warning that “connection errors might occur more often”, I thought the second option might prevent me from browsing to http sites, but with it set, I browsed to http://neverssl.com and was able to connect with no problem.

Even though my experience with the experimental feature seems less than a complete solution, I don’t see any major downside to using it. According to the blog, even if a webpage is prevented from loading, you will get a message that provides the option to continue to the site.

stay safe while shopping online during xmas

The holiday season is a time for online shopping. It’s convenient, often cheaper, and we can avoid crowds at the mall. But it’s also a time when scammers are out in force, trying to take advantage of unsuspecting shoppers.
That’s why it’s important to be aware of the dangers of online scams and protect yourself.
At GlassWire we really care about security, that’s why in this blog post we’ll give you some tips on how to stay safe when shopping online during the holidays.
Make sure you read this blog post before your next online checkout, during this holiday season!

The importance of online safety when shopping online during the holidays

The holiday season is a time when many people are shopping online and scammers are well aware of that.

The most common type of scam during the holidays is phishing. This is when scammers send emails or create websites that look like they are from a legitimate company, but are actually designed to steal your personal information. They may try to get you to click on a link that will download malware onto your computer, or they may ask you to enter your personal information into a fake website. Be very careful about clicking on links or opening attachments from unknown sources, even if they look like they are from a trusted company. Keep track of all your purchases and store all their tracking numbers. Be suspicious of “missed delivery” emails and when in doubt, check yourself with the tracking number, typed directly into the official courier website.

A very appealing type of scam that is common during the holidays is “free trial” offers. These offers often seem too good to be true, and that’s because they usually are. The scammer will sign you up for a free trial of a product or service, but then start charging you for it after the trial period is over. They may also sign you up for other products or services without your knowledge. Be sure to read the fine print before signing up for any free trial offers, and be sure to cancel any subscriptions that you don’t want before the trial period is over.

Another example of a common scam is the sale of something that has no value. This could be the case with fake gift cards. These card codes could be already redeemed or just be not valid. Purchase only from trustworthy and official websites.

Last but not least, don’t let your goodwill lower your attention. Bogus charity schemes are most likely during the holiday season. Scammers set up fake charities and solicit donations from unsuspecting people who think they are helping others in need. Be sure to do your research before making any donations to charities, and only give to reputable charities that you know well.

How To Protect Yourself From Online Scams

Fortunately, there are some things you can do to protect yourself from being scammed when shopping online during the holidays:

First, only shop on secure websites. Type the name directly into the browser URL bar and avoid following links from suspicious platforms. This will help protect your personal information from being stolen by hackers.

Second, be cautious of emails and attachments from unknown sources—even if they look like they’re from a trusted company—as these may contain malware designed to steal your personal information or infect your computer with viruses. Always check the sender’s address and immediately delete any email coming from addresses that you don’t recognize.

Third, don’t click on links from unknown sources as these could lead you to fake websites created by scammers designed to steal your personal information or infect your computer with viruses. And finally, make sure your computer has up-to-date security software installed which can help protect against malware and other threats.

Unfortunately, it may also be the case when despite paying attention, you do find yourself the victim of an online scam.
It’s not time to give up yet, as there are a few things you can do.

How to report an online scam

If you think you have been the victim of an online scam, there are a few people you can contact. First, you should reach out to the company or website where the scam took place. They may be able to help you get your money back or take other steps to help you. You can also file a complaint with the Federal Trade Commission (FTC). The FTC takes reports of scams and works to stop them. To make a report, go to their website and click on “File a Complaint Online.” Finally, you can also contact your local law enforcement agency.

When you make a report, be sure to include as much information as possible about the scam and what happened. This will help the person or organization you are contacting investigate and take action against the scammer.

Conclusions

It is important to be aware of the dangers of online scams when shopping online during the holidays. This is indeed among the most appealing periods of the year, for scammers, to prey on their victims.

Buy only from trustworthy marketplaces, read reviews before making any purchase and, if you still fear the risk, go back to local stores. A good talk, a piece of advice, and recommendations are always included in the price of the present.

Download GlassWire