August 23, 2014

Are Major Websites Always Secure? and How To Protect Yourself

Website development is becoming more and more complex. Having to accommodate for multiple landing pages, signup methods, and various platforms and browsers (mobile, tablet, desktop, android, apple, chrome, Firefox, etc..) it is very possible to overlook some security hole(s) somewhere.

That can be the case for any website, and you should not trust a website with your sensitive information just because it is famous or has been recommended or used by others. Check One Way Your Account Can Be Hacked: A Real Life Example of a Major Website Security Issue.

So how can you protect yourself? (Without going into too much technical jargon)

1 – Always Look For HTTPS://

Before you enter sensitive information into a website check your web browser address bar.  The website address should start with https://  and not http:// . In particular check for https on registration pages, login forms, checkout forms, payment and credit card pages, and when you are logged in to a website and entering sensitive and private info.

At minimum, using an HTTPS connection means that whatever information you submit is encrypted and it will be much harder for a hacker to view it.  The higher the encryption used the harder it gets to decrypt the information.

In addition if the website has it’s SSL (Secure Socket Layer) certificate registered with a public CA (Certificate Authority), you will be able to verify the identity of the website from your browser.

On the other hand any information that you submit under a plain HTTP connection can be compromised by a hacker if they are watching (monitoring) while you are entering the information.

2 -Verify Security and Identity:

Verifying a website security and identity can vary from browser to browser.  The basic rule is when you are browsing a website with a secure connection (https), look for the lock symbol in the address bar and click on it.  Majority of browsers will display a popup box that will show if the website identity is verified or not, and if you are on a secure and encrypted connection.

What you need to look for is: The website address displayed and verified in the popup box is the same in the address bar, and that it says you are on a secure encryption.  Otherwise do not enter any sensitive or private information because you are not on a secure and verified connection.

Here are screenshot examples for Chrome, Firefox and Internet Explorer.

Chrome

Chrome https verfiy

Verify Security and Identity with Chrome

Firefox

firefox https verify

Verify Security and Identity Via Firefox

Internet Explorer

Internet Explorer https verify

Verify Security and Identity via Internet Explorer

 

Protecting your account information from being hacked starts with you. For more information about HTTPS (technical jargon) you can check IETF.org

Leave a Reply

Your email address will not be published. Required fields are marked *