Use Your Bookmarks!

All websites that you use which contain sensitive or personal information, always use a trusted bookmark to navigate to them. The reason being, if you search Google or a search engine for mybank dot com, it’s possible a cyber attacker has somehow gained search engine prominence through sponsored links or other hacking, and put their own website at the top of the search engine, pretending to be mybank. A high-profile example of this was an attack against the Bitcoin exchange site mtgox.com in June 2013. The hijacker got his fake site at the top of Bing and Yahoo, so people thought they were going to mtgox but were really entering a phishing site which stole their user/pass.

Another common error is fat-fingering the URL, if you try to type common URLs and accidentally misspell it, hijackers often own misspelled domain names, like facbook or whatever. So without knowing you misspelled the domain, you enter a fake website that looks like the real deal, and they steal your user/pass when you try to log in.

Again, the safest way to browse to sensitive sites, is to have a proper bookmarks saved for them.

As a bonus tip, most browsers let you save a shortcut to the domain, so for example I have the shortcut "boa" which takes me to Bank of America. I don’t have to open my bookmarks or try to find it, I just type "boa" in the address bar and it inserts the domain. I have shortcuts like this for a couple dozen websites.