Of course, distrust of the pages that they send you through email or the links of supposed stores that you receive by WhatsApp and that give things away.
Secure browsing
A very simple check is to see that the web is https at the top, in the address bar. It will not give us 100% security but it is something that It will cost us nothing to check and that we can see in just a few seconds. Notice that in the browser bar we see HTTPS and not HTTP.
If you don’t have it, you can find more information. Be suspicious, find out, keep looking and see if there is no alternative page that allows us the same.
Check the legality of the website
Another thing we can always do is go to the legal notice on the website or to the purchase conditions if it is an online store. All the pages where you go to buy through the Internet must have these sections, a section where we can read more information about the company that is behind this page but also everything related to consumer rights.
Other information that we should always look for if it is an online store is what conditions are for return or what payment methods: we must check that it has several different options to make sure it is not safe.
Other safety tips
Regardless of whether a website is secure or not, we must take into account a series of aspects that will improve our security. The first thing, as we say, is to check everything related to the page and use common sense. In the chaos of being a store, look at all the details and look for information about it: look for the means of payment, contact information, profiles on social networks, reviews on Google, opinion pages, forums, opinions of other users.
In addition to the information, always remember to use secure payment methods such as PayPal instead of adding your bank account or your card, as it can pose a risk. And we must also take care of the device from which we are going to access the web or to make the purchase: update all the devices so that the operating system and the browser have their latest version, install an antivirus or any program capable of detecting malware on both your phone and your computer. And, of course, always avoid public WiFi networks if you are going to give personal data on a web page. It does not matter if it is a secure website, always try to wait to get home or use a VPN if you cannot wait and it is an open network.
Browser tools
There are browsers, like Google Chrome, that give us clues as to whether the connection is secure or not. They explain the following from the Google browser’s own help page: “To find out if it is safe to access a website, you can check the security information for that site. Chrome alerts you if you cannot access the website safely or privately. ” It does this with icons that you have seen many times and that will appear in the upper left part of the toolbar.
Google gives us three different icons to check the security of a site: a padlock, an information icon and a danger icon, as you can see in the image below. The padlock tells us that it is secure and that the information you send or receive is private. The second icon, with an “i” in a circle, indicates that the site does not use a private connection and that it is likely that another user can see or change the information that you send or receive through that site. And, finally, it will show us a red danger icon that indicates that a site is not safe or dangerous: “We recommend that you do not enter personal or private information in this page. If possible, do not use this website. ” In addition, Google adds two differentiations: that it is not safe because it has a serious privacy problem or that it can be “dangerous” and it is better that you avoid this site.
In any case, the browser itself will give us very graphic clues to know if a website is reliable or not. It will not always be right but we should keep it in mind.
Websites to check phishing sites
Beyond checking it manually, there are a series of websites or projects that allow us to check if a website is safe or tries to steal your data.
PhisTank
PhishTank is an OpenDNS project that offers a website to check if a website is malicious and is being used to steal user data. What it offers PhishTank is a search engine in which we have to indicate the name of the domain whose intentions we want to check and that also offers an API so that developers can use it.
It is an easy-to-use page where we can know if a site is phishing or is it a reliable site that we can navigate without any problem. What PhishTank basically does is check a huge database with the addresses and names of all the websites suspected of stealing user data. Once you have verified it, you can tell us whether or not the website we are consulting is reliable and we will take action.
We simply have to go to the web page and we will see a box that indicates: Found a phising site? Get started now. In the search box, enter the URL that interests you. Once you have copied it, you tap on the corresponding button: Is it a phish? In a few seconds the web will give us an answer: it is or it is not a phishing site. But keep in mind that it is not an infallible option since it may not have been registered yet by other users.
VirusTotal
It is not the only one … There are other websites like virustotal that allows us to enter a URL and scan it to detect possible problems. It is very easy to use because we simply need to go to the section “Url”On your main website and copy here the address of the website we want to see.
After a few seconds, the VirusTotal website will give us a result. We can see if you have detected a problem or not. Make all kinds of filters and scanners and combine several different tools. What will come out next is a list that tells us what is detected as clean and what is not. Also, we can see some more details that tell us when was the last analysis, when was the first consultation, etc.