Do you know what a safe website looks like? Many of us think we do – but most of us could use a refresher.
A recent survey from Google and Harris Poll shows that we’re not as sharp in online security as we think we are. In fact, 73% of Americans between the ages of 16 -24 said they could tell the difference between a website that protects their private information and one that doesn’t, but only 23% of these young people could confirm that a link with “https” (not “http”) is most secure. The missing “s” means the website you are visiting is not encrypted.
A client who is newly divorced reaffirmed how challenging it can be to determine a good marker of a secure website. The client’s ex always handled online payments, and they had no idea what a reCAPTCHA was or why it existed.
- Article Continued Below -
Shulman Law Firm publishes daily articles in family and divorce law.
This article will hopefully provide you with some practical information about website security, and how to know which sites are safest.
Signs of a Secure Website
Secure Socket Layer (SSL) Protection
SSL certificates are used by many websites, including banks and financial institutions. This also activates the “https” protocol. There are many versions of this protection and it is usually identified by a little padlock next to the website at the top left of the screen. You can click on that padlock to learn more about the website and its certificate. Sites that have this feature have been verified by a third party, and their communications are encrypted to protect that information from hackers. You should only perform financial transactions with websites that have valid SSL certificates in place, but try to stay away from any site that does not start with “https.”
Two-Stage Entry and Two-Stage Authentication
These are similar but different. Two-stage entry is when a website asks for your login information (usually a user name or email address) and then generates a second page that asks for your password.
Two-stage authentication is when you log in to a website, and then you receive a second prompt on another device to confirm that it is you trying to access the account.
Both of these methods are enhanced forms of security, and generally speaking, both are helpful in reducing identity theft. However, as a user you still need to be vigilant and really look at the login pages.
Always look at the URL (address bar) to make sure it matches the site you want to enter. It if it looks wrong, don’t take the chance.
A reCAPTCHA is an authentication program that is currently owned by Google. It is used by websites to verify that an actual person, and not a bot, is trying to access a website, submit a form or complete some other action. There are a few versions of this program, but the most common ones require you to reenter a series of numbers and letters that look slightly warped, or select specific images from one larger photo that match the item being described.
Yes, interacting with this safety feature can be annoying, but it does help reduce spam and abuse from bots that are programmed to attack websites. That being said, reCAPTCHAs alone cannot provide full protection.
Watch Out For
Misspelled Web Addresses
Try to make a habit of actually reading URLs before you dive into a site to avoid being misdirected to a dangerous look-alike page. Hackers will try to make fake websites look as authentic as possible.
Credit Card Authentication
You don’t see these much anymore; however, there was a time where information boxes would appear and require you to enter your credit card information in order to prove that you are an adult.Do not provide any information to this type of authenticator. In recent years, more and more hackers have gained access to these programs and used them to steal your identity or charge purchases to your credit.
Still Not Sure?
If you still aren’t sure, err on the side of caution. You don’t have to do banking or make purchases online, and in some cases, it may be worth the drive. If you have a service number for the company or financial institution you can always call them to confirm the site is safe to use. Taking a little bit of extra time can save you a lot of money.