Which of the following appears in the Web browser when you are connected to a secure website?

With more people storing personal information on their computers, it has never been more important to protect yourself from internet predators looking to gain access to your files. One of the many ways they can do this is by attacking your computer or trying to gather your information from an infected or malicious website you may visit, even if only once. The best thing you can do is to avoid malicious websites altogether.

Índice Show

Things to look for in a secure website
Protect Yourself
Understanding HTTP and HTPS
Website Security Certificates
When Certificates Don’t Check Out
Not Secure When Using HTTP
Your Connection Is Not Private
Dangerous Websites
Fixing Constant “Your Connection Is Not Private” Errors
Security Certificates Keep You Safer

Here are the most prevalent tell-tale signs of a threatening website and some ways that you can protect yourself:

Never click on a link embedded in an email. Even if sent from someone you trust, always type the link into your browser
Use your common sense. Does a website look strange to you? Is it asking for sensitive personal information? If it looks unsafe, don’t take the risk.
Look for signs of legitimacy. Does the website list contact information or some signs of a real-world presence. If doubtful, contact them by phone or email to establish their legitimacy.
Read the URL carefully. If this is a website you frequent, is the URL spelled correctly? Often times, phishers will set up websites almost identical to the spelling of the site you are trying to visit. An accidental mistype may lead you to a fraudulent version of the site.
If it looks too good to be true, it probably is. Is the website offering you a product or service at an unheard of price? Or maybe they are promising you a huge return on investment? If the offer looks too good to be true, trust your instincts. Do some research to find reviews or warnings from other users.
Check the properties of any links. Right-clicking a hyperlink and selecting “Properties” will reveal the true destination of the link. Does it look different from what it claimed to lead you to?

You should also always be on the lookout for the clues and telltale hints that you are on a malicious website. After all, it is by smart people noticing something wrong and reporting it that the above tools can do their job.

Things to look for in a secure website

When visiting a website that asks for sensitive information such as credit card numbers or your social security number, the first step you can take to securing your privacy is creating a strong password. Equally important is verifying that any information you enter on this site is transmitted and stored properly. Once your information is entered online, it is transmitted as plain text for anyone to intercept. To avoid this, make sure that the website is encrypted over a secure connection.

One such sign to look for is in the URL of the website. A secure website’s URL should begin with “https” rather than “http”. The “s” at the end of “http” stands for secure and is using an SSL (Secure Sockets Layer) connection. Your information will be encrypted before being sent to a server.

Another sign to look for is the “Lock” icon that is displayed somewhere in the window of your web browser. Different browsers may position the lock in different places, but a few examples of what it may look like can be found here:

Google Chrome

Clicking on the Lock icon will give you detailed information on the security status of this website

Mozilla Firefox

With Firefox, the Lock icon may not be displayed directly. Clicking on the site’s icon next to the URL should reveal the Lock icon and the secure verification

Internet Explorer

Clicking on the Lock icon will give you detailed information on the security status of this website

Be sure to click on the “lock” icon to verify that a website is trustworthy. Do not simply look for the icon and assume a website is secure! Your web browser will have detailed information on the website’s authenticity if you click on the icon, so be sure to read this carefully before entering any of your information on the site.

Protect Yourself

Utilize your internet browser’s security tools

Be sure to install the most current version of your web browser. Most browsers have sophisticated filters that can identify and warn you of potential security threats. For information on browser-specific security tools, explore their security features here:

Internet Explorer

Mozilla Firefox

Google Chrome

Make sure that the proper online protection tools are enabled for your Anti-Virus Software

McAfee’s SiteAdvisor

Norton’s Safe Search

You may also want to consider downloading an add-on for you browser that is specially designed to identify any unsafe elements of a website

Web of Trust

AVG Link Scanner

Take advantage of your search engine’s security features

Google has a secure version of its search engine. Simply visit https://google.com when conducting any Google search. You can read more about that here.

In your Google settings, turn on the “always use HTTPS” function through the following steps:

To disable or re-enable this feature in Gmail:

Sign in to Gmail.
Click the gear icon
in the upper-right corner, and select Mail settings.
In the General tab, set ‘Browser Connection’ to ‘Always use https’ or ‘Don’t always use https.’
If you’ve never changed the setting before, no radio buttons will be selected, even though the default is indeed ‘Always use https’.
Click Save Changes.
Manually change the URL to http://mail.google.com to start accessing Gmail via http.

If you see https, the session between the web server and the browser on the mobile device you are using is encrypted. You can easily identify web servers that have https configured by looking at the Uniform Resource Locator (URL) in the web address bar of your browser.

Hypertext Transfer Protocol Secure (https) is a combination of the Hypertext Transfer Protocol (HTTP) with the Secure Socket Layer (SSL)/Transport Layer Security (TLS) protocol. TLS is an authentication and security protocol widely implemented in browsers and Web servers. SSL works by using a public key to encrypt data transferred over the SSL connection. Most Web browsers support SSL. It allows you to communicate securely with the web server.

You’ve probably noticed that your browser marks websites as Secure, Not Secure, or even warns you about imminent danger when you visit one. Have you ever wondered how it knows about the safety of websites like this?

Let’s look at website security certificates and how your browser determines this information.

Understanding HTTP and HTPS

We looked at the differences between HTTP and HTTPS when we explained why Google Chrome was starting to mark websites as Not Secure. In summary, HTTP is an essential protocol that allows your browser to request and load information from the internet.

But because HTTP doesn’t offer any security on its own, many sites use HTTPS, which encrypts the connection and provides identification information for the owner of the site through a certificate. With HTTPS, it’s less likely that outsiders can snoop on the traffic between your computer and the website you’re visiting.

Website Security Certificates

To maintain trust between users and websites, website owners can obtain a security certificate to show that their site is properly secured. Typically, they do this by paying a certificate authority, like GoDaddy or Norton, and following some instructions from the authority to prove their website is authentic.

Once this is done, their site has an approved certificate that it shows to visiting browsers. Meanwhile, your browser (whether Chrome, Firefox, or something else) keeps a list of trusted certificate authorities.

When you visit a website using HTTPS, your browser checks the site’s certificate against its own list. If the certificate is valid and comes from an authentic provider, your browser tells you the site is secure.

When Certificates Don’t Check Out

While this check often works out fine, there are times where your browser doesn’t like what it sees. Let’s look at some of the reasons this can happen.

Not Secure When Using HTTP

As mentioned above, Chrome (and many other browsers) now show Not Secure when you connect to a site via HTTP.

While HTTP sites aren’t necessarily dangerous, you should be careful about what you enter on them. The information you enter in the website is not encrypted, meaning anyone who intercepted it could read it.

Your Connection Is Not Private

When something is wrong with a supposedly secure website’s integrity, your browser will throw up a warning page that says Your connection is not private or similar. This is a more serious warning than the above, so you should pause when you see it.

Your browser will give you some information about why it’s showing this warning. Some common reasons include:

ERR_CERT_DATE_INVALID: This often appears when the certificate is out of date. Because certificates expire after a set time, websites must renew them regularly.
ERR_CERT_AUTHORITY_INVALID: This usually happens with a self-signed certificate, meaning the website issued its own certificate instead of paying a trusted authority for one.
ERR_CERT_REVOKED: You’ll see this when a site used to have a certificate, but it was removed by the issuing authority. This often happens when the site engages in foul play.

There are other security certificate errors, but these are some of the most common. Have a look at badssl.com for example pages that illustrate these and other scenarios.

If you see one of these errors, you can click the Advanced button to show a Proceed to [site] (unsafe) link that will let you visit it anyway. Exercise caution when you do this; if the site’s certificate is invalid, it’s likely that the site was compromised and is no longer safe.

Dangerous Websites

If you see a big red screen warning that you’re about to visit a deceptive site, your browser has identified your destination as not only insecure, but actively dangerous. This often means you’re about to visit a site that hosts malware or wants to phish your information.

You can click Details to open a link that lets you proceed to the page, but for your safety, you shouldn’t do this.

Fixing Constant “Your Connection Is Not Private” Errors

If you see the “Your Connection Is Not Private” error on every website, something is wrong. Sometimes, this can happen because your computer’s clock is wrong. On Windows 10, head to Settings > Time & Language and check the boxes to Set time automatically and Set time zone automatically so you don’t have to worry about it.

Another common reason you’ll see this message on every site is because you’re on a public Wi-Fi network. Often, free public Wi-Fi requires you to visit a login page and agree to its terms before you use it. Because the network can’t show this page when you try to visit an HTTPS website, you’ll see a security error instead.

To fix this, visit an HTTP site, like example.com. You should see the Wi-Fi network’s login prompt; after accepting it, you’ll be able to browse normally.

Security Certificates Keep You Safer

Now you know about website security certificates and what the various messages around them mean. However, it’s important to keep in mind that just because a site is marked as secure doesn’t mean it’s safe.

For example, a fake website designed to steal your info could use an HTTPS connection. If your browser doesn’t catch it as a dangerous page, it might fool you into thinking it’s the real deal. This is why you should always double-check that you’re on the right website before entering sensitive information.

For more like this, read our explanation of what happens when you visit a website.