Secure Website Features
In your internet travels you have surely encountered links or websites that had you asking yourself, “Is this website secure?” There are many deceptive tactics that cyberattackers can employ to trick you into clicking on their malicious links, but you can protect yourself by knowing some of the signs that the virtual space you are entering is safe and secure.
Check to see if it is secure. On many browsers, this can be as easy as looking to the left of the web address where you will see icons such as a closed padlock, indicating that the site is trusted, or other symbols such as closed padlock with a red strike over it, a red warning symbol, or an information icon (a circle with the letter “i” in it), indicating that the website is not verified to be secure, or has been flagged as dangerous.
Check the TLS certificate. Look at the URL of the website. If it begins with “https” instead of “http”, it means that the site is secured, using a TLS/SSL certificate. TLS certificates secure all of your data as it passes from your browser to the website’s server. A TLS certificate is awarded after completing the SSL validation process, which is the process of ensuring that the certificate the site holds is valid and identifying it correctly. There are different levels of SSL validation. Domain Validation (DV) validates the ownership of the domain, but not the legitimacy of the organization requesting the digital certificate. The highest level of TLS/SSL validation is Extended Validation (EV). Organizations requesting a certificate through EV must prove their identity as well as their legitimacy as a business. You can identify an EV SSL certificate by clicking on the closed padlock to the left of the address bar, which provides access to the EV TLS/SSL certificate information.
Check the domain. Cyberattackers can trick you into clicking on malicious links by creating websites that mimic existing websites. Cyberattackers are hoping that you will click on the link to their malicious website where you will then make a purchase, divulge sensitive information, and/or download malicious software applications such as malware, spyware, or viruses. To avoid these types of attacks, carefully look at the domain of a link before you click on it, to be sure that there are no small differences that could send you away from your intended destination. Also, do not click on links in your email, as those can appear to be legitimate, but they can actually send you to a malicious site. Instead, type the domain into your browser.
Check for realness. Find out if a company is real by looking for signs of legitimacy such as a physical address, a phone number, a return policy, and/or a privacy statement. Also, when shopping, be wary of crazy deals from sellers that you are not familiar with, as you could end up with pirated software, software with malware, knock-offs, stolen goods, used goods, or no goods at all.