One of the ways hackers compromise websites is to compromise the computers and mobile devices used to access them from the back end. One of the ways they do this is by tricking users into visiting compromised websites. This means that in addition to installing robust security protection on your website, computers, and mobile devices, you need to make sure that all your staff members know the answer to the question “How do I check if a website is safe?”
How do I check if a website is safe?
The question “How do I check if a website is safe?” can really be divided into two parts. First of all, you want to check if a website is safe to view at all. Secondly, you may want to check if a website is a safe place to download files and/or enter sensitive data.
Start by checking the link
Anti-malware scanners and firewalls do a great job of picking up malicious links, but they are not 100% guaranteed to pick up 100% of all malicious links. This means that the golden rule remains to think before you click. There are three points, in particular, you want to check.
Does the link have strange characters in it?
If a link has strange characters in it, there is a very strong chance that it is malicious. This is because people who want to create legitimate websites generally try to use names that are easy to remember and spell. When you see strange characters in a link, it usually means that someone is using link encoding to hide the true nature of the website.
Is the link embedded?
There are legitimate reasons for using embedded links, especially on websites. They can make a text look much tidier and easier to read. The problem with them is that they conceal the true nature of the link.
This isn’t really an issue on a website that has been established as trustworthy. It can, however, be a major issue in emails, even if you trust the sender, they could have been tricked themselves. In fact, it has become so much of an issue that many people have stopped using them in legitimate emails to make it clear that they have nothing to hide. The safest approach to embedded links in emails is to ignore them, they are usually spam, but if you must make sure, right-click on them to see the full link.
Is the link shortened?
As with embedded links, there are legitimate reasons for using short links, especially in social media messages. Social media posts cannot (yet) use embedded links and full-length links can look really untidy (and gobble up character limits). Sadly, as with embedded links, the nature of short links means that they conceal the details of the website to which you are being directed. This means that tedious as it might be, it is very much recommended to ignore short links unless they look really interesting in which case, use a URL expanded to see the full link before you decide whether or not to click it.
Check the website itself
Checking the link thoroughly establishes whether or not it seems to be safe to take a look at a website. It does not necessarily establish that it is a safe place from which to download files or to enter your data. If you are thinking about doing this, then you need to do further research.
One easy test is whether or not you can see HTTPS and a padlock in the site’s address bar. This is reassuring but sadly not total reassurance, even though it is often advertised as such.
The fact is that it is relatively easy to implement HTTPS on a website. This means that it is increasingly common for criminals to use it to make visitors feel that they are safe. Hopefully, this loophole will be addressed soon, but for the present, HTTPS on its own is not a complete guarantee that the website is safe.
It’s also fair to say that the absence of HTTPS does not necessarily mean that a website is insecure. Even major websites often only implement it on key pages. The fact is that the extra layer of security takes extra time to process - and modern internet users are notoriously impatient.
This means that regardless of whether or not a site has HTTPS, visitors should still apply basic “common-sense” checks, such as looking at the quality of the website and the deals on offer and checking for a privacy policy and contact details.
Please click here now to have your website scanned, for free, by cWatch from Comodo.
© 2024 Comodo Security Solutions, Inc