The “S” in HTTPS stands for “secured.” It was introduced in 1995, so older websites that have been left on their own without regular maintenance usually don’t have it. But even to this day, insecure websites exist, and fraudsters can easily take advantage of them.
When you visit a site with an HTTP connection, everything you type or click on that website is sent without encryption. This means that anyone who intercepts the data transferred between the website and your computer can view them as is. Cybercriminals know this, and they can exploit this fact to gain access to your Social Security number, credit card information, and other personal data. This puts you at risk of identity theft and other fraudulent activities.
How does this affect our daily browsing habits?
- If your browser marks a website as “unsafe,” think twice about clicking “Proceed anyway.” Click the prompt only if you are absolutely certain no confidential data will be transmitted.
- Add web browser extensions such as HTTPS Everywhere that create encrypted connections to unencrypted websites. These extensions encrypt your communication with websites and are compatible with Chrome, Firefox, and Edge browsers.
- Always be vigilant. Some sites may have HTTPS, but it doesn’t mean they’re safe. For example, goog1e.com (with the “l” replaced with a one) could have a certificate, but the misspelling clearly indicates that it’s an untrustworthy site. Cybercriminals use similar spellings of authentic websites to fool people into thinking that they’re on a secure site. This is called typosquatting or URL hijacking.
- And perhaps, just follow the easiest step of all: avoid sites that don’t use the HTTPS prefix.
If you want to learn more about safer browsing habits and endpoint security, give our office a call.