We all have favorite movies that we never get tired of watching. No holiday season is complete (at least in our house) without a family viewing of “Elf” — I’m ready for it right now! In one memorable scene, the main character, Buddy, strolls past a New York coffee shop, where to his amazement, he notices a neon “WORLD’S BEST CUP OF COFFEE” sign. With great naivety, a joyous Buddy pops in the diner and yells, “You did it! Congratulations! World’s best cup of coffee! Great job, everybody!” The idea of further questioning a food label or a claim on a neon sign, is also now true for visiting perceived ‘healthier’ websites. I’m referencing Hypertext Transfer Protocol Secure (HTTPS) webpages. Over the course of many years, I’ve repeatedly drilled it into the minds of computer users to always look for the padlock icon immediately to the left of the website address. The padlock icon represented security: meaning the visited website has been issued a certificate meant to imply that the site was secure from attacker hacks and cyber eavesdropping. Is that still the case?
The “S” Stands for Secure—or Does It? Since 2018, the use of HTTPS websites has far surpassed the use of HTTP (non-secure). For most businesses HTTPS pages are a requirement. After all, failure to own a secure site will result in Google Chrome boldly tagging your site as “Not Secure”. We can agree that it stands to reason that the more secure websites out there, the better.
However, the issue withHypertext Transfer Protocol Secure (HTTPS) sites recently is that cybercriminals are quick to evolve their deceitful practices. Instead of luring victims via phishing scams to clearly marked unsafe HTTP sites, we’re seeing a movement where newer malicious schemes are pointing to secure sites. The website line differentiating between good and evil has become increasingly blurred.
I recommend the following suggestions to prevent falling victim to these new HTTPS scams.
- Never login into or enter any personal information: credit card numbers, social security number, banking information, passwords into non-HTTPS sites.
- Do not solely trust a website based on its HTTPS and padlock icon presence itself.
- If the site does contain HTTPS, check out the desired domain name for spelling accuracy. There have been thousands of fraudulent certificates issued referencing the word “PayPal”. Most bogus sites are created with only one different character.
- Don’t click on links embedded within email and social media sites. The websites shown are likely forged and not the actual website you’ll be directed to.
- For regularly frequented websites, it’s a good idea to bookmark them so that you know exactly the site you’ll be viewing, opposed to searching the location of those sites with each visit.
- Install strong security software. As always, I recommend downloading and installing Thirtyseven4 Antivirus.
We can learn a lot from the mistakes and trustworthiness of our friend Buddy. He read the sign (claim), and believed it completely (World’s best cup of coffee!”). We cannot accept the validity of a site, based solely on theHypertext Transfer Protocol Secure and padlock icon anymore. Looks (HTTPS) can be deceiving, and cybercriminals work very hard to make things “look” typical.
Buddy also “shared” his discovery. He brought his friend Jovie back there to try the self-proclaimed best coffee. Before sharing sites or pages, be very sure they are legitimate and safe.
And lastly, upon tasting the “World’s best cup of coffee.” it was so unpalatable that Jovie grimaced and said it tasted “crappy.” Unsecure and malicious sites will do more than just leave a bad taste in your mouth—they can poison your bank accounts, contacts and machine itself, among other things. Be sure that you can verify the website before putting your trust (in the form of a click) into it.
Cyber dangers are real. Let us learn from the mistakes of Buddy and remember that instead of “S” standing for Secure, let us also think of “S” standing for “Smart.” Being Smart and in-tune to the impeding traps and dangers lurking around every corner.