How to Avoid Putting Details into Dodgy Sites
Before you enter your username and password or credit card information into a website, you’ll want to be sure that you aren’t handing your details over to a criminal organisation. This might seem like an obvious thing to say, but hackers are becoming more intuitive, and it’s not difficult for people to impersonate a trustworthy website, so you need to know how to identify whether a website is legitimate and safe to use.
One of the easiest ways to see whether a website is secure is to check whether it has an up to date SSL certificate. Below, we’ll look at what these are and how to spot them.
What are SSL certificates?
The acronym SSL stands for Secure Sockets Layer. It's a type of digital certificate that forms part of the security protection offered to people who browse the internet. On one hand, the SSL certificates verify the identity of a website, certifying it as a secure and trustworthy site to visit. On the other hand, they also encrypt personal, confidential information, like your username and password, or your financial information.
SSL certificates are one of the true marks of a secure website and should be something that you look for when putting personal information into a website, as they help to distinguish between genuine websites and those that attempt to impersonate them. Next, we’ll look at the types of websites that use SSL certificates and how you can identify whether they are being used.
How to spot SSL certificates
There are a few ways to spot SSL certificates when browsing the internet. However, it’s worth bearing in mind that the way these tell-tale signs are displayed may vary depending upon the internet browser that you’re using.
When we look at the example of PayPal’s URL (their website address), as shown below, you can immediately see that there is a padlock displayed beside the website address, which indicates that the connection to the server that hosts the website is now secure. If this is shown as an unlocked (or broken) padlock, or there is no padlock at all, then the page isn't using SSL. Typically, you’ll also be able to hover your cursor over the green-shaded field, which will tell you which organisation has verified the website. In this case, for example, the browser indicates that American security software giant Symantec is verifying the security of the website.
You can also see that the website URL begins with ‘https’. If a website displays HTTP at the beginning of the address, instead of HTTPS, then that website is not protected by SSL encryption.
Moving away from the search bar, there may be another indication on the website itself that SSL is being used. Depending upon the organisation, the website may display a seal like one of the below images.
When to look out for SSL certificates
If you’re ever logging into a personal account, or using a website that handles financial transactions, then you should be on the lookout for SSL protection. It’s particularly important for transactions, as non-SSL forms will normally be transmitting the information put into them in plain text. This means that a computer-savvy individual could technically expose and read this website traffic, gaining unencrypted access to your credit card information, for example. The same could be done to obtain your usernames and passwords if they were put into a non-SSL login form.
Luckily, the vast majority of legitimate and high-traffic websites that depend on public trust, such as banks, supermarkets, and high-profile social media websites, rely on keeping their customers and their customers’ data safe, otherwise they’d lose business. This means that most will use SSL to ensure not only that their customers are protected, but that they themselves are protected from criminal attack and the negative damage to reputation that would result from this.
If you have any more questions about SSL certificates, such as knowing exactly how they work, then you can speak to WiseGuys on 0808 123 2820. We can also provide you with advice if you think that you may have already encountered a suspicious website that lacks the tell-tale security signs we’ve listed above. In the meantime, if you’ve recently entered your password into any unsecured websites, it may be worth changing them.