Tag: website security

Checking for Website Security

Legions of websites encourage you to shop on their site or to use their credit card or to pay your bills online. While it is enjoyable and convenient to shop or pay bills online, it is important to know if a site is secure before you type in your personal information. You want to be sure your transaction is protected by the Secure Socket Layers (SSL) protocol. This protocol is a Payment Card Industry standard for securing websites. Companies use SSL to keep your information encrypted and authenticated so third parties (people who would like to steal your data) cannot see what you send to the secure site. There are several ways to tell if a website is using SSL.

Look for the letter S to be added to the standard http in the address line in your search engine. A secure web address looks like https where “S” represents “Secure.” This indicates the site is using SSL on the server so it is safer for you to add your personal information on this site. Some commercial companies use a non-secure website for you to browse their products. When you go to pay for something, they then switch over to a secure website for payment information.

Check for a yellow padlock or key icon on the webpage.  These symbols also indicate the website is using SSL. In Internet Explorer, the padlock or key appears to the right of the address box while in Firefox the padlock or key appears in the address line. Firefox also indicates secure transactions by adding a yellow highlight to secure addresses. Sometimes the padlock or key will also appear in the bottom of the window.

Click on the yellow padlock or key for an additional check on the level of security. These icons represent a certificate of authenticity for a website. Internet certification authority companies like Verisign and Equifax Secure issue certificates to websites which meet industry standards. When you click on the icon, it should display more information about the website’s encryption and authentication information. You can click on “View Certificates” to see more information about the website and whether it matches with the address being used.

Spoofed and fake websites creators are becoming very innovative in making their sites look like commercial sites. Even fake sites can be encrypted, so having a “secure” connection is not any guarantee that the web site is legitimate. In addition to checking the address and for icons, try clicking in links and other images on the websites to see where you go on the website. Also look carefully at the address line and make sure it is spelled correctly.  If the address line is not similar to the web site name, the site could be a copy of a legitimate site.

According to OnGuardOnline, another check of the security of the site is a phone number and physical address for the company so you can call or visit the company.

 

 

Do You Really Want to Do Business Here? Checking Out an Online Business

It is easy to make trust judgments about a physical business. You can walk in their front door, greet the clerk, touch, feel and see merchandise, and return a defective product to the store. Online, you don’t have the luxury of walking into a physical place, so it is more difficult to tell if a web business is legitimate. Some web-based stores may actually use logos which resemble a trusted name brand, but are not associated with the company at all. The Internet is a vast space and putting up a web site is relatively easy. Consumers who use online businesses need to do their research before turning over their credit card number.

First, get to know the website you plan on using. According to OnGuardOnline.Gov, when you find a website you want to do business with, confirm the company’s physical address and phone number. Look at the returns policies and delivery times for the company.  Those should be clearly spelled out so you are not guessing what to do if the item does not fit or is poorly made. Also, know what you’re buying by looking at the physical description, especially the fine print, and to know exactly how much your item will cost including shipping. OnGuardOnline also recommends using a credit card for your purchases as well as keeping the records of your transactions in case there are discrepancies.

You can also check the company’s website address to see if the website is genuine. Start by investigating the web address of the site or the URL. Spoof websites will have website address which look very similar to a legitimate address, but might have additional letters or be misspelled. You can take the URL to InterNIC, the folks who assign IP address and domain names, and do a “Search Whois?” Type in the URL address into the dialog box and press “Submit.”  Do not include http://www. Here you can find information about who registered the website and see if it matches the information on the contact page for the site. The dates the site was registered and updated are also available.

Look for stamps of approval from other businesses and consumer reviews. Search for the company and read reviews of the product or service you are thinking of buying. Check to see if there is a Better Business Bureau’s Reliability Seal, or the Good Housekeeping Seal, or other Internet trust organizations. Before you purchase your product and enter in your credit card information, a locked padlock should appear next to the URL line. This indicates the company is using VeriSign which encrypts your financial information so it is not sent out as text over the Internet. It also certifies that the company is who they say they are. If there is a warning after you click on the padlock, the site might be a scam. Never give out your financial information over email say the folks at OnGuardOnline.

Finally, if you got scammed, report it to agencies like OnGuardOnline, the Better Business Bureau, your state’s attorney general’s office and consumer protection division, and the Federal Trade Commission.