View
206
Download
0
Category
Tags:
Preview:
Citation preview
Tips for safepurchasing
on the Web!
It’s easy! When a site prompts
your to enter sensitive data,
ensuring you that your data will
be protected, you must check
two things. First, the address
should change from
http://www.nameofsite.com
to httpS://www.nameofsite.com.
The additional “s” indicates that
the connection is now secured.
Second, a padlock
should appear in your address bar.
Warning: a padlock displayed elsewhere on the screen has no value.
When asked to show ID, do you pull out a membership cardfrom your favorite club? Of course not! It has no legal value,
and merely showing the card doesn’t
prove you are its real owner.
On the Internet, the same holds true.
The only way you can be confident
and rest assured that it’s safe and
risk-free to share important data,
including your bank account details,
is to use an SSL certificate.
An SSL (Secure Sockets Layer) certificate is
like a piece of ID. It is issued to websites by
organizations called Certificate Authorities
after control procedures whose complexity
varies based on needs. The SSL certificate
guarantees the identity and transfer of data
through a secured connection. All information
sent by a user to a website is encrypted, and
only the website has the means to decrypt it.
Without a certificate, the information travels in
plain text and can be intercepted by hackers.
How can I recognize a certified website? There is no padlock displayed in the address bar. This “phishing” site is a scam!
This website features a padlock, but it is displayed on the page and not in the address bar.
The use of HTTP, as opposed to HTTPS, proves that the connection is not secured.
The TRUE SSL certificatedon’t settle for less!
Check the color of your address bar. Red means the certificate is worthless; no color means the certificate is valid but has not undergone in-depth verification. A green bar, on the other hand, means the site has been well-vetted and has been issued an Extended Validation SSL certificate. Such sites are also protected against phishing. Your connection is secured.
Verify certificate quality
There are hardware and software devices that track keyboard activity unbeknownst to users. Always use a trusted computer when entering sensitive data.
Don’t make purchases from Internet cafes
Sometimes typing www.keynetis.com instead of www.keyneCtics.com is all it takes to end up on a fraudulent site. Watch out for typos!
Always double-check the website address
If a website makes you feel suspicious, it is probably not worthy of your trust. Stick to well-known sites.
Trust your instincts
Anybody can add the logo of an antivirus vendor or bank to a website to make users think the site is protected. Dynamic site seals, on the other hand, are trustworthy. Be cautious!
Be wary of reassuring logos
Emails are not encrypted and the data they contain can be easily intercepted. Never send your bank account details by email
The email might be from a hacker who has usurped the identity of a friend in an attempt to lead you to a fraudulent site and steal your sensitive data.
Don’t click on links in email
Seven golden rules for well-informed buyers
Protecteur d’identitéProtecteur de libertédans un monde connecté
To find out more, feel free to write us at: confiancesurinternet@keynectis.com In order to be regularly informed about new guides on this topic.
Typosquatting (also known as URL hijacking), is based on typographical errors. Certain hackers create websites whose names are phonetically very similar or spelled almost exactly the same as a well-known site. Always double-check the URL in the address bar.
Phishing is a technique that consists in fooling victims into believing that they are on a trus-tworthy site (bank, administration, etc.) in order to steal their sensitive data. In this type of attack, links are generally inserted into emails, directing the user to a fraudulent site or a site whose name closely resembles that of a well-known site. Typically, if keynetics.com is an authentic site, keynetics.myaccount.com could be a spoof. The only way to verify site ownership is to make sure the address bar is green. keylogging (or keystroke logging), is a technique in which hardware or software is used to covertly track the keys struck on a keyboard. The hacker thus “eavesdrops” on all of your com-puter activity in order to obtain sensitive data. Only use a trusted computer and install an anti-vi-rus on your machine.
Even the best anti-virus in the world cannot guarantee total security. It is therefore essential to remain very vigilant when you go online and to be familiar with cybercriminal techniques in order to avoid them. Three types of attack are especially popular these days:
Don’t make it easier for them!One informed user is worth ten!
Be cautious!
Recommended