At some point, we all get careless. When searching for new information online, almost every day we end up on websites and webshops that we have never seen before. Most of the time, we think nothing of it and take a browse around the homepage. An average user almost never thinks about security rules, attacks, and possible website security gaps, let alone check the site we’re at.
If we don’t find anything on the website, we simply leave. This may sound harmless, but actually it can be very dangerous. Many sites and stores on the Internet are insecure, and there is a danger of catching malware, a virus or a Trojan horse, not to mention disclosing sensitive data like passwords and even getting ripped off by a fake web store.
In theory, any hacker can create a website on the Internet using a content management system, create an article or a fake product and scam the user.
In this blog post, we will give you a few tips and hints to keep in mind on how to recognize phony websites and fake companies. These tips will help you to access websites safely and protect yourself. We will also provide you with a few links that you can use to check questionable sites online and thus surf the web more safely.
Is the Website Secure? The First Check.
Are you on a website that you don’t know? Then consider the following four pointers. These are a good first indicator of whether a website is trustworthy and reputable (and therefore probably safe):
- The lock icon next to the URL is present
- The communication protocol is HTTPS and not HTTP
- The website has terms of use and a privacy policy
- For a webshop: all (or at least the most common) payment methods are accepted
Important: These points are only a first indicator. It is true that most reputable websites use the HTTPS protocol (S stands for Security, by the way). The padlock symbol and HTTPS represent a secure connection. However, they alone are unfortunately no guarantee that you can really trust the website or store. Nevertheless, you always need to be on the lookout for these.
Rule of thumb: Never enter your password, bank details or other sensitive data when you access a website that does not have a padlock symbol. The same applies to purchases from webshops without terms or privacy notices.
TLS or SSL Certificate When Transferring Data
TLS stands for “Transport Layer Security”, and SSL stands for “Secure Sockets Layer”. These are the protocols for encrypting data transmissions on the Internet, with SSL being the better-known term. Whenever you disclose data, look for a TLS or SSL encryption, i.e. an SSL certificate on the page of the respective provider or operator. With a padlock symbol and HTTPS in the browser address bar, the corresponding certificates are available and the risk of your data being intercepted (or “phished”) is low.
Website Security: Choose the Right Browser Settings
In most cases, Internet browsers can already tell from the certificate of a website whether it’s secure or could contain dangers. In that case, your browser will show you a warning message. Unless you’re 100% sure the website is safe, take these warnings into account and leave the website immediately. In addition to that, you should enable the following important settings in your browser such as:
- Use an ad blocker to block pop-ups and plug-ins set to run automatically
- Send a “Do not track” request to all visited websites
- Suppress unsafe Flash content
- Warn about downloads from unsafe sources
- Warn about sites that control PC hardware like speakers, microphone or camera
To do this, simply go to the privacy and security settings in your browser and adjust your privacy settings.
On Firefox:
With this browser you have the following options:
- Standard protection: a balance between performance and security.
- Strict protection: top for security. However, these settings might cause some web pages to load longer or become inaccessible.
- Custom protection: set security filters manually.
On Google Chrome:
Google Chrome’s security settings are a bit more personalized. It only has one Custom mode where you have to set all the parameters yourself. However, most of the stuff in the menu is self-explanatory and easy for users to set up.
Website Security: Helpful Tools
Are you on a website and suspect it might be insecure and its server full of malware? Then click on one of the following links and enter the corresponding URL there:
Or find the site’s contact information and dial the given phone number. That way you will get the best information, especially if it is a webshop you are unsure about. If the telephone number does not exist or you cannot get out of the waiting loop, leave the site!
Website Security: These services provide you with information about the status of the visited site in no time at all.
Website Security Software: Secuperts Cyber Shield
The tips and tools mentioned here will help you detect threats on the web and check sites if you suspect them. However, if you have landed on a virus-infected site, it may already be too late to avoid attacks.
To prevent that risk, we have developed Secuperts Cyber Shield. So, if you want to do something to boost your security beyond the free online tools, you’ll do well with Cyber Shield.
With Cyber Shield you get software that lets you create a Linux-based closed and completely secure working environment – your own virtual sandbox. You’ll be able to access all web content with Cyber Shield and do whatever you want in this protected environment. Malware, viruses, trojans, malicious software and cyber attacks never make it out of this closed area and never get onto your system. This is how you’ll protect yourself and your sensitive data including passwords in a reliable way. Even unsafe e-mail attachments, unknown links or downloads from a dubious server will no longer pose a serious threat.