How to Identify and Protect Yourself from an Unsafe Website
With more people storing personal information on their computers, it has never been more important to protect yourself from internet predators looking to gain access to your files. One of the many ways they can do this is by attacking your computer or trying to gather your information from an infected or malicious website you may visit, even if only once. The best thing you can do is to avoid malicious websites altogether.
Here are the most prevalent tell-tale signs of a threatening website and some ways that you can protect yourself:
- Never click on a link embedded in an email. Even if sent from someone you trust, always type the link into your browser
- Use your common sense. Does a website look strange to you? Is it asking for sensitive personal information? If it looks unsafe, don’t take the risk.
- Look for signs of legitimacy. Does the website list contact information or some signs of a real-world presence. If doubtful, contact them by phone or email to establish their legitimacy.
- Read the URL carefully. If this is a website you frequent, is the URL spelled correctly? Often times, phishers will set up websites almost identical to the spelling of the site you are trying to visit. An accidental mistype may lead you to a fraudulent version of the site.
- If it looks too good to be true, it probably is. Is the website offering you a product or service at an unheard of price? Or maybe they are promising you a huge return on investment? If the offer looks too good to be true, trust your instincts. Do some research to find reviews or warnings from other users.
- Check the properties of any links. Right-clicking a hyperlink and selecting “Properties” will reveal the true destination of the link. Does it look different from what it claimed to lead you to?
You should also always be on the lookout for the clues and telltale hints that you are on a malicious website. After all, it is by smart people noticing something wrong and reporting it that the above tools can do their job.
Things to look for in a secure website
When visiting a website that asks for sensitive information such as credit card numbers or your social security number, the first step you can take to securing your privacy is creating a strong password (link to infosec site). Equally important is verifying that any information you enter on this site is transmitted and stored properly. Once your information is entered online, it is transmitted as plain text for anyone to intercept. To avoid this, make sure that the website is encrypted over a secure connection.
One such sign to look for is in the URL of the website. A secure website’s URL should begin with “https” rather than “http”. The “s” at the end of “http” stands for secure and is using an SSL (Secure Sockets Layer) connection. Your information will be encrypted before being sent to a server.
- THE LOCK ICON
Another sign to look for is the “Lock” icon that is displayed somewhere in the window of your web browser. Different browsers may position the lock in different places, but a few examples of what it may look like can be found here:
Be sure to click on the “lock” icon to verify that a website is trustworthy. Do not simply look for the icon and assume a website is secure! Your web browser will have detailed information on the website’s authenticity if you click on the icon, so be sure to read this carefully before entering any of your information on the site.
Utilize your internet browser’s security tools
Be sure to install the most current version of your web browser. Most browsers have sophisticated filters that can identify and warn you of potential security threats. For information on browser-specific security tools, explore their security features here:
Make sure that the proper online protection tools are enabled for your Anti-Virus Software
In your Google settings, turn on the “always use HTTPS” function through the following steps:
To disable or re-enable this feature in Gmail:
- Sign in to Gmail.
- Click the gear icon in the upper-right corner, and select Mail settings.
- In the General tab, set ‘Browser Connection’ to ‘Always use https’ or ‘Don’t always use https.’
If you’ve never changed the setting before, no radio buttons will be selected, even though the default is indeed ‘Always use https’.
- Click Save Changes.
- Manually change the URL to http://mail.google.com to start accessing Gmail via http.