How to determine if a website is safe?

The cybercrime is on the rise and the cases related to credit card scams, identity stealing, phishing, fraud e-commerce websites etc. are increasing exponentially. To safeguard against such mal practices one must be able to distinguish between an authentic and a fraudulent domain.

We have decided to come up with some guidelines which will help you keep your identity and your personal information private on the World Wide Web.
The guidelines are divided amongst the 2 main activities that we do online.

 1.       Safety Tips for Browsing

Many people consider browsing as a trivial task and are not all concerned about making it more secure. But the hard fact is, a person’s identity can be forged by using the credentials used by him at the social networking websites like Facebook, Twitter etc. So, one should always exercise caution while using these social networking sites.

Protecting Sensitive Information

Always use https whenever possible. In some websites like Gmail and Facebook there is an option to forcibly use https at all the times. Though the https doesn’t offer full proof protection but still it is sufficient to keep your data transmission secured from a network intruder.

Use Online Tools to determine if a website is safe

Online tools like Norton Safe Web and McAfee Site Advisor can tell you whether the URL you entered can be trusted or not. Both of these tools basically work on the same principle. They can also tell whether the domain is infected with some malicious code/scripts or not.

12

Phishtank- This online service can be used to stay from phishing websites. At phishtank a user can also submit suspected phishing websites and help the entire web stay safe.

The guidelines issued by the SBI to the customers for online shopping are aimed to prevent the customers from falling prey to the phishing practices.

Courtesy- SBI Internet Banking

Browser Extensions

The online tools/services which I mentioned above can only be used to going to their respective websites. The browser extensions which I am going to list below also do the similar job but they provide the user with the comfort of displaying the result in the browser window on the fly.

Alexa toolbar – This browser extension shows the estimated ranks of websites. Use caution when you open websites with poor alexa rank. (>1.5million). Those websites are most likely unsafe and untrusted.

Web of Trust (WOT) – The WOT extension appends a circle (like a Traffic Light) to every URL on the webpage. The circle is assigned a single solid color among red, orange and green based on ratings for factors like Trustworthiness, Vendor Reliability, Privacy and Child Safety.

Note that new and unrated website URLs are appended with a question mark sign but that doesn’t mean that they are unsafe. In this scenario I would recommend you to use above mentioned online services to determine the authenticity and trustworthiness of any website.

WOT for unrated but Trusted website- How to determine if a website is safe?

Avoid browsing blacklisted websites

A website might get blacklisted due to a number of reasons which includes sending of spam emails, if it’s infected with malicious code and scripts, usage of blackhat SEO tricks etc. But who cares whether your website got blacklisted only because you used illegal SEO tricks. You can check whether a website is blacklisted or not by clicking here.

 2. Safety tips for Shopping

Do all the checks as you did for determining the safety and authenticity of a website for browsing purposes. In addition to that you’ll need to take the following precautions:

 

a. Is the form page secured with https?

Form page is the page where you’ll enter your personal and monetary information like your mobile number, credit card number, date of birth, address, email address etc. If the page is not secured with https and if you don’t see a padlock before the URL of the website in the address bar then DO NOT proceed further. The information you will send can be seen by anyone eavesdropping on your network.

What is https?

PS: The padlock symbol can be faked by using Java Script too. Always do all of these 3 checks before making an opinion about a website.

b. Have you heard about that website before?

Anyone can create a website and make it look legitimate by obtaining an SSL certificate. Do not fall prey to such fraudsters. Always do a background check for ecommerce site.

c. Can you see the address and phone number of the website in the Contact Us section?

It is required by law to display at least a phone number (not mobile number) and postal address of the ecommerce website’s main HQ anywhere on the website. If you can’t find the address or the landline number then you’ll again have to do background checks.

Background check for e-commerce websites:

Look for the registration information of the website on WHOIS.

For e.g. – This is the information I get when I search for Flipkart.com on WHOIS.