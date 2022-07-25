377053/Pixabay

Checking the ‘HTTPS padlock’ of the site is one of the ways to know if it is secure



THE Internet is increasingly present in our daily lives, whether for fun, business, shopping or study. From young to old, web browsing has become indispensable for the country’s society and economy. However, with its growing number of users, the number of incidents involving malicious websites has occurred frequently. “Phishing” is the term given to malicious websites that copy the entire layout of a web page to trick users. Most used on online sales sites, phishing aims to capture user data such as name, password, credit card data, etc. But how do you know if a website is trustworthy? Check out 5 tips to identify and avoid suspicious websites:

Make sure the site has the “HTTPS padlock”.

TLS/SSL are security techniques that activate the HTTPS protocol on the website, it ensures that data exchanges between the user and the website server, making it difficult for third parties to intercept, among other factors, the URL (page) you are accessing. It can be identified by the “lock” or https before the link. While the use of HTTPS does not mean that the site is secure, it is a minimum layer of security required for exchanging information, so if a site does not have this protocol, do not share your information.

Check the website’s domain and URL.

As simple as it may seem, cloned sites simulate the URL of the original. Although not the same, a simple check can make a difference. For example:

www.submarino.com.br (official)

www.megapromocaosubmarino.com.br (false)

www.submarim0.com.br (false)

Criminals take advantage of users’ innocence by drawing their attention to the page’s content. Make sure you are on an official link, checking every detail between letters and numbers. Other variations of the same blow is you check if at the end of the site name, the domain is the official one. For example:

www.jovempam.com.br (official)

www.jovempan.co (false)

www.jovempam.net (false)

note: Good site administrators are concerned not only with registering your main domain, but also with several possible variations precisely to try to avoid this type of scam.

Avoid clicking on ad links and banners.

As we browse the internet, various advertisements are shared on social networks, research sites, entertainment, etc. In order to provide more pleasant content to the user, several advertisements are generated based on their internet browsing. However, some of these advertisements can present unmissable and very attractive content, and when clicking on the ad, the user will be directed to a malicious website. Therefore, appealing advertisements should be avoided. Enabling ad blockers can improve your experience and provide safety while browsing.

Observe the layout and information provided by the company.

Website copies tend to be more and more sophisticated and very similar to the original, however, some don’t care about the refinement of the page altogether. Details such as distorted or low resolution images, misspellings and lack of owner information are signs of possible fraud. Also check the information that the responsible company must make available, such as CNPJ, contact details, terms of use, privacy policy and security seals.

Search the website name/URL on the internet (and compare results!)

A simple Google search with the name of the site you are accessing can already indicate whether another similar site will appear, with a higher ranking in the appearance. You can compare both, or even accept the analysis that many search engines have, such as “Google Chrome”, in which “This site appears to be unreliable” appears. User reviews on Google or Reclame Aqui referring to the site you are trying to access is also an excellent way to check its reputation. There are also tools capable of pointing out if that site has a history of personal data leakage; just access the CADE MY DADO portal (https://cademeudado.com.br) and enter an email that you usually use and observe in the results if the site in question appears in the list.

Other more advanced ways to validate the site is by checking the National Domain Registry in Brazil (registro.br and nic.br) if the URL is really owned by the desired company. It is also possible to use verification tools on other websites, such as WHO IS, available at: https://registro.br/tecnologia/ferramentas/whois.

Bonus: Protect your computer!

Antivirus software has a wide variety of security tools, providing complete protection from personal files to internet browsing, using an updated database of viruses, malware and malicious websites. Every computer that accesses the internet must have, at a minimum:

An Antivirus: To Prevent Malicious Software

An Antispyware: To make it harder to track your browsing

A Firewall: To block connections from hacker attacks

An Adblock: To block targeted ads

If, even with all this, you are still suspicious of the site, check if in the Privacy Policy of the site you have the contact of the Data Protection Officer – DPO / Data Protection Officer, a mandatory professional for all companies in Brazil by the General Data Protection Law. Data (LGPD), which must have your information publicly available, including contact details. This professional can and should give you clarification on how the company protects your personal data. In doubt? Ask to speak to the DPO.

