Being cautious about where you go has always been essential to our survival and it’s no different in the digital jungles of today. Before you next click on a link or hand over your credit card details online, scroll down for the ultimate guide on how to verify the security of a website. Plus, if you own a website, you can use this checklist to help ensure that it’s trustworthy. Knowledge is power but we’ll also help arm you with the tools you need to stay safer online: Discover Avira Free Security. 35 years of online security expertise distilled into a single solution that helps shield your privacy and protect the digital you.
Check if a malicious link is safe with these visual clues
There are a few red flags that are easy to spot so you’ll quickly feel safer on a website (or close that window fast!). Let’s start at the top—literally—because that’s where a website’s trust seal is located. This is a security symbol that appears to the left of the website name and indicates how secure and private the connection between your device and the website is. Be fussy when you check URL safety! Only the first icon on the list below will do.
- A padlock stands for a secure and private connection.
- A hazard sign is a warning not to visit the intended site as malware could be lurking there.
- An info symbol in a circle means the site is not fully secure and still using HTTP (more on that below).
Now, look at the site URL—these are the letters in the browser tool bar that come after the security symbol. The first letters will be either HTTP or HTTPS and the difference is significant! You’re probably familiar with these terms but might not be sure of the difference a single missing “S” can make to site security! If you only see HTTP, it means that the website is not encrypted so your activity isn’t private, and others can eavesdrop on your digital communications. If a website has HTTPS in the URL, then it has an extra security feature provided by an SSL certificate. This is a layer of encryption that adds an extra layer of defense against cybercriminals who may try to intercept your data as it travels from server to server.
URL checker summary: When verifying URL safety, look for “HTTPS” and the lock icon. These are two vital indicators that your communication to the website is secure…or not. But your work within the address bar isn’t done yet. Now double-check the site name because cunning cybercriminals can create fake webpages with URLs that sound like the real thing. So, you could be tricked into logging in or making a purchase on a dodgy website where cyber-thieves are waiting to hoover up your personal data, like billing information and address. They can then impersonate you online, help themselves to your bank account, or even apply for a credit card in your name. Thwart their attempts by looking out for these common giveaways that you’re probably dealing with a fake website:
- The URL starts with only numbers.
- The URL contains hyphens and symbols.
- There are spelling mistakes (e.g.: Amazon v. Amaz0n).
- The second part of the URL seems odd: In determining who really owns a domain name, the two righthand parts of the name that come between the full stops are all that matters. So, www.citibank.scammer.com is really scammer.com
Tempted to click on a link in an email? Hover over it with your cursor before you click, and you’ll reveal the underlying URL, which could be very different to what you were expecting. Hover before clicking to save yourself a trip to an unsafe website!
Now try this little test. Play this game of “check the web address”. Which are unsafe?
http://80.143.76.350/ebay.com/
http://amazon.customer_login.de
www.google-search.com
ClTlBANK.COM
Yes, it’s all of them! None have HTTPS encryption, plus the first features the dreaded string of letters. The second didn’t fool you with its “Amazon” naming attempt because you know that the real site is “customer_login.de”. And obviously you spotted that “google-search” has nothing to do with the real Google.com. CITIBANK contained a well-hidden lower-case L masquerading as an upper-case “i”.
If you’re worried about landing on potentially harmful websites (and we all should be), there’s always Avira Secure Browser. You can browse, message, and shop in greater peace while it helps to block online threats and can even control trackers. With an easy, customizable design, it promises more privacy, security, and control. Give it a go and see what you think!
Is it secure and legitimate? How to inspect webpage content
You’ve hopefully now established whether a specific website is secure. But is it legitimate? That’s another question altogether. The website content and overall design hold clues. If it looks like it was thrown together in a rush by someone with poor spelling, grammar, and web design skills, then it’s advisable to stay away. Also, check for a privacy policy and contact information. Contact details alone aren’t enough to persuade you of a website’s safety as they may not be genuine, but they do show that there is someone to get in touch with and many malicious websites don’t bother with them. The privacy policy outlines how the company that owns the website collects, uses, and protects user data. Again, it’s no guarantee of a trusted website, but secure sites are far more likely to demonstrate their customer care by having one. Also, many countries (including the U.S., Canada, and Australia) require them by law. It’s a great habit to review a site’s privacy policy before handing over your personal information (yes, it can be tedious to read—patience really is a virtue). This helps you understand how your data will be stored and managed, who has access to it, and if it will be shared with third parties.
Look out for customer reviews and trust badges (e.g.: PayPal and American Express icons). If you’re looking to buy from a company for the first time, doing a little research can help protect you from potential scams! Google the company name and look for the experiences of other customers. Social forums like Reddit can also offer useful insight into whether a business is ethical and how it treats its customers. Trustpilot is another great way of checking out customer experiences. Just please be sure not to blindly trust seals of approval as scammers sometimes copy and paste logos from trusted companies! In theory, you should be able to click on the trust seal to verify it.
Finally, who’s really behind the online content you’re looking at? Thankfully, it’s usually fast and easy to verify ownership of a website. Enter the domain name in the WhoIs searchfield to see key information, including the registered individual or legal entity that owns it, when it was created, and is set to expire.
Did you know that you can submit suspicious files and URLs to the Avira Virus Lab for checking out? There’s also a list of the latest malware and their impact rating. Simply scroll down and click on the green button to submit whatever online beast you think you’ve found.
Explore built-in browser protection—and consider extensions
Browsers are considered more secure depending on how well they shield you against online security threats and preserve your privacy using default settings, so you don’t need to adjust the configuration. They can prevent cookies from collecting your private data such as the websites you’ve visited, usernames, and passwords. Let’s take a quick look at Google Chrome as it’s a very popular choice of browser for many of us today. On its website (status: 24 April 2023) Chrome claims that it is “…secure by default, protecting you from dangerous and deceptive sites that might steal your passwords or infect your computer. Advanced technologies, such as site isolation, sandboxing, and predictive phishing protections, keep you and your data safe.” It also promises automatic updates every six weeks, so you always get the latest security fixes. If there are bugs, a solution is pushed out within 24 hours. You can also customize your experience with Chrome’s privacy controls, including managing website permissions, like access to your location or camera.
If you’re interested in which browsers are considered best for website safety, as well as speed and privacy, there are many handy comparisons online. Also take a moment to review your current browser’s security status. Here’s how:
- Chrome: Settings > Advanced > Privacy and security
- Firefox: Options > Privacy & Security
- Safari: Preferences > Privacy
- Edge: Settings > Advanced settings
Browser extensions are extra programs that you download, and they can be useful in plugging gaps in the security and functionality of your browser. Please make sure they come from reputable sites! Avira offers a free Browser Safety add-on that helps protect you from harmful and phishing websites. It can highlight potentially infected sites in your search results, so you’re forewarned! It also helps blocks ads and online tracking, plus helps scan software downloads for potentially unwanted applications (PUAs). It’s available for Firefox, Opera, and Microsoft Edge. For Google Chrome fans, there’s Avira Safe Shopping, which helps you compare online offers from trusted sites, so you’re not tempted by scams and won’t need to double-check the web address.
URL safety alert: These warnings mean stay away!
Sometimes, you’ll be able to tell quickly if a site is likely to be unsafe. Look out for these red flags (and run!):
Search engine warnings: Some search engines serve up warning signs as you attempt to enter a site that’s been marked as potentially dangerous. These warnings aren’t always accurate but worth considering.
On-site spam: If a website is packed with the visual equivalent of spam, complete with flashing warning signs and exclamation marks, that should be trigger that it’s a scam site.
Redirects: Browser hijackers may build malware into sites to automatically redirect users to other potentially harmful webpages. If you suspect this is happening, close every unexpected webpage immediately.
Pop-ups: If entering a site suddenly causes loads of pop-ups to appear, exit immediately as this is often an indicator that the site is laced with malvertising or adware.
Have a robust cybersecurity strategy in place and keep it up to date
Making smart choices—like staying away from unsafe safe websites—is an essential part of protecting your device, data, and even entire digital identity when you’re online. For greater protection and peace of mind, always take a multi-pronged approach to helping keep online risks at bay.
Do you have trusted anti-malware? Robust antivirus from a trusted provider helps protect you against many types of online threats, including ransomware, adware, and phishing attempts. And always keep it up to date! Now read on…
Do you click update reminders away? Beware! Update reminders may be pesky but outdated software can contain security holes that cybercriminals slip through. Software updaters are easy digital helpers in keeping you on top of updates in common software.
Do you have the multiple layers of online protection recommended by online security experts? Avira Free Security (yes, it really is free) blends the essentials mentioned above, with a VPN for safer, more anonymous browsing and a PC cleaner. There’s also a Pro range of Avira solutions available with a monthly or annual subscription.
Unsolicited pop-ups, bad reviews, unsecured connections, suspicious URLs, websites with malware embedded…it’s a digital minefield out there. Knowing what makes a website safer and having technology tools you can trust can greatly help protect and improve your online shopping and other digital experiences. Please enjoy responsibly!