SSL Technology and How to Identify an Insecure Website
If you think that simply because a website indicates ‘a secure pop up’ that you are safe from hacking, think again. Users without proper Secure Sockets Layering (SSL) technology are at a high risk of privacy concerns such as phishing, cyber stalking and identity theft, to name a few.
Last year, Google announced that it would start ‘shaming’ websites that were insecure and did not use web encryption. This was the start of Google’s war on the unencrypted web and as of January 2017, Chrome users are now notified whether an HTTP site is secured or not.
As an internet user, it is vital that you know exactly what to look out for when browsing the internet in order to avoid falling victim to internet scams.
How to identify an insecure website
With Google Chrome, you will be alerted whether or not you can visit the site safely or privately. This is usually shown with three security symbols:
- The green lock that indicates ‘Secure’
- The white info icon that indicates ‘Info or Not Secure’
- The red hazard sign that indicates ‘Not Secure or Dangerous’
Secure means the information you send through to the site is private. This, however, is not fool proof. It is always a good idea to check the location bar of the website and see whether it is displaying the website’s proper name.
Info or Not Secure means the site you are visiting does not have a private connection and someone may be able to access the information that you send through to the site, such as your logins and banking details.
If you see a “Login not secure” or “Payment not secure” message, refrain from entering any sensitive details, like passwords or credit card details.
Not Secure or Dangerous messages means the website you are accessing does not have encryption and all private details you enter are privy to hackers and cyber-criminals. If a site is Dangerous, it has been flagged unsafe by Safe Browsing and using this site will put your private details at risk.
SSL vital for internet browsing safety
All websites need to undergo a SSL set-up in order to obtain a certificate authority, called a domain validation. This ensures that before you access any site, your SSL software will be analyzing the site entered into the location bar and identifying its authenticity as a domain. It will also assess whether its security encryption certificates are up to date.
SSL is a standard security technology and works by establishing an encrypted link between a website and a browser. This is often seen whilst online shopping or when data is shared between a mail server and a mail client.
Unfortunately, there are various malicious or phishing websites on the internet that are labelled as secure, if the owners have obtained SSL certificates in fraudulent ways.
To read more about how SSL Encryption works, click here.
How to access a secure version of a website
While most major sites already use HTTPS for login connections, you may come across a site that uses the insecure HTTP.
3 steps to access a more secure version of a website
- Select the address bar
- Delete http://, and enter https:// and click enter.
- If that doesn’t work or nothing on the page changes, contact the site owner to ask that they secure the site and your data with HTTPS.
Some sites do offer HTTPS but this is not by default. By using SSL technology, your browser is automatically checking this for you and will let you know the safety of the intended site before you access it.
CERTASSURE Inc. is a specialist provider of next-generation SSL and digital signed certificates. Founded to provide small, medium and large enterprises with trusted, easy-to-use and scalable solutions, CERTASSURE Inc.’s business model is centered on its customers and people that serve its customers. Prizing simplicity, value and support for each client, CERTASSURE goes the extra mile to understand their unique operational and industry requirements and turn limitations into opportunities to deliver the most valuable SSL solution.
GET IN TOUCH WITH CERTASSURE