How to know if a website is safe: 10 steps to verify secure sites
October 28, 2021
As the holiday season approaches, millions of gift-givers will be turning to their favorite online retailers to find the perfect presents for their loved ones. Recent predictions forecast Cyber Monday e-commerce sales alone reaching over $11 billion this year. That’s why learning how to know if a website is safe is more important than ever.
Cybercriminals scouring the internet for users with unprotected devices look forward to this time of year. With techniques such as phishing scams, malware, and botnets, attackers can force their way into your databases to get ahold of your most sensitive information. Not so merry and bright, right?
Here is a breakdown of 10 steps for how to know if a website is safe to visit while shopping online, along with ways to protect your technology.
1. Check the SSL certificate
Many people using the internet today are probably familiar with the term HTTPS but might be unsure of its meaning and difference from HTTP.
If you only see HTTP within a URL, you should know that the website is not encrypted, meaning your activity could be visible to online predators. Essentially, HTTPS is a security feature provided by an SSL certificate, which is the part of a URL that encrypts a website. This adds a layer of defense against malicious cybercriminals and protects the site's information as it travels from server to server.
2. Double-check the domain
Cautious web surfers should always double-check the URL of the site they want to enter. If you receive an email from a bank or online retailer, search their name in a browser like Google to connect with their verified domain.
Oftentimes, a cybercriminal will create a malicious website and URL that mimics another high-traffic website to trick users into logging in or making a purchase. This could grant the attacker access to private credentials and billing information that they can then use for credential stuffing. They could also decide to sell your info on the dark web to make a profit.
Secure sites that take the time to create this policy demonstrate their care about their customers’ privacy, along with having a secure site that is safe to browse.
4. Analyze the website design
Cybercriminals often throw together unsecure websites in a short amount of time, ignoring attractive design elements that more popular pages incorporate. Spelling errors and grammar mistakes will likely appear throughout the site as well.
If you come across a website that doesn’t seem to match the intended company’s branding or appears significantly different from what you’re used to seeing, either exit the page or think hard before entering any of your information.
5. Verify ownership
Verifying the owner of a website is great for those learning how to check if a website is secure and it's actually much simpler than many might expect. With the help of Whois Lookup, you can find the name of the registered individual or legal entity that owns the website you’re trying to visit.
If no contact information is present, consider that a potential sign of concern. Think about shopping with another trustworthy retailer or do some more digging until you can locate a person you can directly contact.
6. Find contact information
For some, the presence of contact information can make them feel more comfortable with the website they’re on. Recent studies have shown that 44% of website visitors will leave a website if there is no contact information provided. Though this information won’t protect you from dangerous websites, it shows you there is someone to reach out to if you run into security concerns.
7. Identify (and question) trust seals
One of the best indicators for those trying to learn how to know if a website is safe is a trust seal. Trust seals are icons with the words “Secure” or “Verified” located beside a URL at the top of the webpage. These can be indicators that the site uses HTTPS security and can also demonstrate the use of other security features like periodic malware scans.
It’s not enough, however, to just see a trust seal. Nowadays, attackers have found ways to mimic legitimate seals to trick users. Luckily, confirming authentic trust seals is pretty simple — just click on the badge to see if it takes you to a verification page. This confirms that the site is working with a security partner in charge of protecting the data shared and stored on the trusted website.
8. Look for reviews
If you’re interested in buying from a company you’ve never dealt with before, it’s best to do a little research. Google the company’s name and look into other customer experiences. This form of social proof can help distinguish legitimate businesses from potential scams. Reddit and other social forums are also a good place to get insight regarding a company’s security best practices and treatment of customers.
9. Consider cybersecurity tools
Sure, downloading antivirus software is great for people unsure of how to know if a website is safe or not. But the tools don’t stop there. You should know there are other security tools you can use to protect your systems against malicious software.
A VPN provides a secure and encrypted internet connection for users browsing online. With a VPN protecting your network, hackers will have major trouble using phishing and scareware to get their hands on your most sensitive information. If you’re wondering how to check if a website is safe before entering, there are also website safety checkers you can install that scan and flag suspicious URLs to help identify potentially dangerous websites.
10. Know the signs of unsecure websites
There are times when you’ll be able to instantly tell if you're on an unsecure website or not. From flashing warnings to suspicious pop-ups, these are a few things that could indicate the presence of malware on a site you’ve come across:
- Search engine warnings: While using certain search engines, warning signs may pop up when attempting to enter a site viewed as potentially dangerous. Though these warnings are sometimes inaccurate, it’s best to select a different site instead.
- Spam: Strange websites with flashing warning signs and exclamation marks are telltale signs of malware.
- Redirects: Browser hijackers can embed malware onto sites that will automatically redirect users to other unrelated and potentially harmful web pages. If you come across this kind of tactic, close all unwanted web pages immediately.
- Pop-ups: If you click on a site that brings up tons of pop-ups, exit the browser immediately. This is a good indicator that the site could be infected with malvertising or adware.
As the season of giving draws near, having tools you can use to learn how to know if a website is safe can make your holiday shopping experience even better. This list proves there are several ways to spot unsecure websites while you’re sifting through your gift ideas. Consider using them to better protect not only your holiday festivities but also your privacy and identity.
Cyber threats have evolved, and so have we.
Norton 360™ with LifeLock™, all-in-one, comprehensive protection against viruses, malware, identity theft, online tracking and much, much more.
Try Norton 360 with Lifelock.
Editorial note: Our articles provide educational information for you. NortonLifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.
Copyright © 2022 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Alexa and all related logos are trademarks of Amazon.com, Inc. or its affiliates. Microsoft and the Window logo are trademarks of Microsoft Corporation in the U.S. and other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.