Is that website safe? Here's how to check: Internet Scambusters #1,022
With an estimated 18 million malicious locations on the Internet, website safety is a major consideration for all users.
But how do you know if a site, especially one that is new to you, is safe to use?
We'll tell you in this week's issue, with 10 tips and questions that can substantially reduce the risk of getting caught out.
Let's get started…
10 Ways to Check Website Safety
Is that website safe? That should be the first question you ask when visiting a new Internet page for the first time. But too often it's not - you're in a hurry, perhaps it looks okay, or maybe someone you know sent you the link.
The result: You end up giving away confidential information or downloading malicious computer code that can result in data and identity theft and, most commonly these days, ransomware.
There are estimated to be over 18 million dangerous websites looking to trick you. You can certainly find lists of the top 100 or so, but you're never going to find a definitive list of all of them to check against.
However, there are a number of key steps you can take to remove most of the risk and enjoy your online activity in safety.
Surprisingly, and not a lot of people know this, there's a site where you can simply key in a web address, or URL, before you even visit it.
Yes, of course, you could and should conduct a search on a new (to you) site name to see what others says about it. But you can also go much deeper by using the free Safe Browsing service of Google's Transparency Report.
This is a searchable page (see Google's Safe Browsing) where you enter a URL and click on the search icon. The page will then tell you if the site has any unsafe content. The page is updated daily and the result comes back instantly.
Security software firm Norton has a similar service (Is This Website Safe?) that also provides a score of 1 to 5 for safe content, along with links to reviews posted by users.
Here are nine more questions to ask when you visit a website
Is It Encrypted? Encryption stops hackers and others from seeing what you're doing on a web page - especially important on payment pages, where you key in your card details. Although it's not foolproof, if the address bar has "https" and a padlock at the top, the page is encrypted.
Is the site name a red flag? Some malicious sites use addresses that contain lots of dashes and jumbled letters. Others use names very similar to genuine sites - for example "scambsters" (with the "u" missing), so always check the address bar. At the same time, if you keyed in the site address yourself, make sure you entered it correctly.
Does it have a privacy policy? Again, not foolproof but a reputable site should have a privacy policy. If there isn't one, that could signal a bad site. If there is one, of course, it could have been copied. A search using some of the included text will tell you this.
Is it well-designed and correctly worded? Many malicious sites are quickly thrown together by scammers and crooks. They're often poorly designed and use bad spelling and grammar. Sites that use pop-ups, auto-run videos, and/or lots of flashing alerts should also be treated with caution.
Who owns it? If you suspect a site might lead to trouble, you can try to check who owns it. Just key in the domain name on the lookup page: Registration Data Lookup Tool. Sometimes, ownership names are private and not disclosed - a reason in itself to be suspicious. You can also check when the domain was set up; beware of new or very recently established sites.
Is it verified? There are numerous organizations offering verification of a site's authenticity and other credentials. Verification logos usually appear on the home page. Since these logos are easy to copy and reuse, don't make a judgment about website safety based purely on these.
What do reviewers say? It always makes sense to both conduct a search on a site's reputation and to read what other users say. If you can't find any information or reviews, that could be a red flag. You can also check reputations via sites likes Trust Pilot and the Better Business Bureau.
Are you protected by software? Most Internet security software will warn you if a site is considered malicious. They use continuously updated databases, so make sure you also keep your security app up to date too. Most web browsers also have security settings that you can use to identify questionable sites.
Can you contact them? Reputable organizations always provide information that enables you to contact them. It's best if they give an actual address, which you can check on mapping software, and a telephone number, which you can test call. Sometimes, though, it's just an email-type form with little or no information. That may not signal a scam but it's enough to put you on your guard.
It's enormously frustrating that users have to go to so much trouble to check out website safety. It can be time consuming, but, unfortunately, that's the price you have to pay to safeguard your online activity. And, generally speaking, you only need to do that once per site.
This Week's Scam Alerts
Good news: Focusing, as we do, on the baddies makes it easy to overlook the fact that many organizations work tirelessly to protect us against scammers. So, it's nice to be able to report a significant step forward in the battle against illegal robocallers. The Federal Communications Commission (FCC) has just required small phone service providers to implement the same ID authentication process (known as STIR/SHAKEN) used by bigger outfits.
Military consumer tips: July is Military Consumer Month, a time to focus on scams targeting vets and active armed services personnel, especially for jobs ads and social media posts. The US Federal Trade Commission (FTC) is publishing tips for military people and their families on Facebook throughout the month. Go to https://www.facebook.com/MilitaryConsumer
Time to conclude for today -- have a great week!