When you look at your browser’s address bar, do you feel safe seeing the small green padlock in the corner? Well, you might have to rethink your answer soon. Apparently, users are so trusting of the green padlock that phishing sites have started using it!
We’ve been programmed to understand that a website with a green padlock means a secure and encrypted connection. Ever since HTTPS first started making its rounds online, we were told that uses this protocol is safe, secure, and legitimate. Apparently, hackers were also let in on this little secret and have started to use it to their advantage.
It seems that getting a certification that shows that your website uses HTTPS isn’t as difficult as it used to be, as more and more phishing scams are hiding behind the security of an encrypted site as well. This makes it easier for a hacker to trick a larger amount of people into using his/her fake website. A lot of the times, these sites will look like real e-commerce sites (or even a PayPal verification site). In these cases, the website will usually require a credit card number to complete a purchase. The fact that these sites are getting more difficult to vet out means that it’s getting a lot easier for hackers to successfully launch a general phishing scheme.
To add to all of that, the amount of phishing sites that have made the switch to HTTPS is steadily increasing. According to PhishLabs, a cybersecurity company, almost a quarter of all phishing sites in 2017 used HTTPS. So far, that number seems to have doubled in 2018, and it doesn’t look like it’ll be slowing down.
How to Stay Safe Online
As scary as the idea of phishing sites hiding in plain sight is, there is still something that you can do that can help protect you while you’re online.
In order to make sure that your data is protected, that you don’t fall scam to a phishing website and that your connection to the internet is consistently private, you need a VPN.
Let me explain.
Short for Virtual Private Network, a VPN will both encrypt your data and re-route your traffic through its own secure servers.
In other words, a VPN will protect you from data theft while making sure that your connection is private and unmonitored/surveilled. With a VPN, your ISP won’t even be able to see what you’re doing online.
But wait, how can a VPN protect you from phishing websites?
To start, most top-tier VPNs already actively work against malware. Since your data is encrypted, VPNs also stops anyone who is trying to steal your data. As for phishing websites, VPNs also block any attempt to re-direct you to fraudulent sites, effectively blocking the go-to method of many online phishers. A VPN is also a great tool to help you protect your banking information while online.
Best VPN for Online Protection
Personally, I suggest using ExpressVPN as your go-to VPN provider, simply because it offers one of the best services on the market. ExpressVPN is also very security conscious and can help protect you from hackers and phishers alike. Check out the full ExpressVPN review to make sure you get a better picture of the services on offer.
In case ExpressVPN isn’t your cup of tea, try out these providers instead:
Of course, a VPN should not be your only method of protection. Since phishing scams and hackers, in general, are using methods that are increasingly difficult to catch-out, there are a few more steps you should take to make sure that you’re safe.
Look at the URL. Since the Green Padlock is no longer a good indication for safety, the actual URL is your second best bet of catching-out a phishing site. Most hackers will use letters or symbols that look almost exactly like the original name on their fake website. This is why you need to be extra careful while reading the site’s URL. If you’re extra worried about it, try copying the URL into a Word document and messing with the font. If there’s a typo meant to look like the original site’s name, you will see it.
Make sure your firewall is on. Even though some VPNs have firewalls in their packages, your system’s firewall works if it’s up to date. Make sure that you update your system whenever you have to, especially if it’s a security update, to maintain the efficiency of your firewall.
Do not shop from websites you’re not sure of. If you are suspicious of the website you’re currently using, do not put in your banking details into that website.
Use 2-factor authentication whenever possible. If your bank offers 2FA for online use, make sure you activate that option. Not all banks offer this service, so check with your bank to see if this option is possible for you. That being said, turning on 2FA for your social media profiles and accounts is also a very good idea, as it protects you from hackers trying to hack into your accounts.
The Green Padlock – Final Thoughts
It’s safe to say that the days of trusting in the Green Padlock are slowly coming to an end. The idea that you could easily fall victim to a phishing scam online isn’t easy to handle, I know, but it’s good to know that there are still things you can do to protect yourself. As always, my biggest advice to all of you is to keep yourself informed so you know what it is you’re going up against.
A reader, writer, and avid internet user. Hiba has spent the better part of her adult life looking for ways to have a safer and more user-friendly online experience, all while praising the uses of VPN connections to anyone who would listen.