MOREnet Blogs

Internet fraud is an unfortunate byproduct of having worldwide access to resources, products and information. Among these risks are phishing scams, malware and ransomware, credential stealing and illegitimate websites.  This post will focus on websites that might not be all that they propose to be and how you can tell it something seems a bit sketchy.

A secure website will have 2 key factors that you can easily verify.

  1. The URL should begin with ‘https’. This states the website is encrypted through the use of Secure Sockets Layer (SSL). This helps to protect data that is traveling between the user and the website.
  2. Check that the website has a certificate that is valid. This can be done by clicking on the icon at the beginning of the URL in your browser. If you enter a website and are immediately greeted with a screen that states that this is an untrusted site, back out. It is best not to enter a site when you get this warning.

You can also take an addition step by checking for the website’s owner and location. These are defined by ICANN –Internet Corporation for Assigned Names and Numbers. Note the details such as the site creation date. An older date may indicate a higher level of reputation. Resources for domain lookups are listed at the end of this blog.

Once you have determined that the website is legitimate and you are wanting to do business with them you need to further protect yourself.

  • Read the fine print on any user agreements including deliver and return methods and fees.
  • If the price is too good to be true it probably is fraudulent or has a number of other problems.
  • Read customer reviews. Read the bad reviews first. Don’t be fooled by an extreme amount of good reviews as many times a company will hire people to write these in order to overwhelm the bad reviews.
  • Check the shipping methods and costs associated. Make sure that you get a tracking number.
  • If you receive an email with an ‘unbelievably special deal’, free prize or request for personal information you should steer away from it. Visit the site directly through your browser instead of clicking on the link in the email. If the offer is legitimate it should appear on the site.
  • Finally, if you decide to make the purchase use a credit card or secure purchasing method such as PayPal. That way, if you are scammed or otherwise deceived, you can challenge the transaction.

What’s the risk?

Visiting unsecured websites can compromise your device via malware or viruses, cryptojacking or ransomware. If you enter personal information such as passwords, social security numbers, banking or credit card information on a malicious site you may be facing a worse dilemma. Your information could be used for identity theft, fraud and to further the spread of phishing and malware.  

Resources:

Check if a site’s connection is secure

ICANN WHOIS

WHOIS.net

WHOISDomaintools.com

Categories: Cyber Security

Leave a Reply