As time has evolved more and more users are resulting to completing tasks online. Companies are making it easier for one to pay bills, shop for various items and much more online. With this increase urge to pay bills and shopping online, comes people who want to make money the easy way and steal the information being given to companies via online. Malicious hackers find various ways to intercept transactions and/or hack sites to gather information that will benefit them. Many people do not know that there are various ways to check for illegitimate sites which include: odd-looking domain names; domain names that don’t start with HTTP and websites displaying a security alert.
Odd-looking domain names:
Some should look over the name of the site carefully before clicking on it by hovering over the name to ensure the name does change from the name they are looking at. Usually, if the name is different than what is listed the site will more than likely redirect one to a scam site. The scam site will then ask for personal information that will likely become compromised, which in turns can lead to a possible headache in the future if the information is used without consent.
Domain names that don’t start with HTTP:
Sites only using HTTP (Hypertext Transfer Protocol) are not secure. When submitting personal information on a unsecured site the information can be seen and/or used by someone else without your consent. HTTPS is the secure protocol of HTTP and it should be used when one communicates personal information online. If the “s” is not added to HTTP and you submit your personal information on the site, your information will likely be at risk. HTTPS helps ensure that the information is secure and no one can intercept the information (such as social security number, credit card number or etc.) being submitted online. HTTPS encrypts messages being sent via website to ensure no one can gain access to the message with a decryption key. Along with this secure protocol comes the need for a certificate. The SSL (Secure Socket Layer) is the certificate that goes along with HTTPS and it has to be current in order for it to be acknowledged by a web server for approval. If the web server does not approve the SSL certificate (invalid certificate) then the site cannot be used as a certified secure site until the certificate is updated. Most website will say whether the site connection is secure and if the certificate is valid. This information is usually found at the beginning of a website address bar (it looks like lock or information icon).
Websites displaying security alertÂ
Scammer have found many ways to compromise normal processes of online activity by showing pop-ups, informing users that the device is infected and need cleaning now or offer free services to remove an infection from the device and in turn they infect it with their “free services”. To help prevent this from occurring regular malware scans should be ran and updates should be performed on a routine basis.
Overall, users should be aware of old looking domain names, sites only using HTTP and security alerts in various ways and forms on the screen. Being aware of these ideas and just being cautious when performing various activities online will help one remain safe and limit their exposure to malicious hackers. No one is 100% when performing tasks online but one can reduce their exposure to cyber criminals by being cautious of their online activity.
Reference:
https://us.norton.com/internetsecurity-online-scams-is-that-website-safe.html
MillerOnCyber 