Tips for safepurchasing

on the Web!

It’s easy! When a site prompts

your to enter sensitive data,

ensuring you that your data will

be protected, you must check

two things. First, the address

should change from

http://www.nameofsite.com

to httpS://www.nameofsite.com.

The additional “s” indicates that

the connection is now secured.

Second, a padlock

should appear in your address bar.

Warning: a padlock displayed elsewhere on the screen has no value.

When asked to show ID, do you pull out a membership cardfrom your favorite club? Of course not! It has no legal value,

and merely showing the card doesn’t

prove you are its real owner.

On the Internet, the same holds true.

The only way you can be confident

and rest assured that it’s safe and

risk-free to share important data,

including your bank account details,

is to use an SSL certificate.

An SSL (Secure Sockets Layer) certificate is

like a piece of ID. It is issued to websites by

organizations called Certificate Authorities

after control procedures whose complexity

varies based on needs. The SSL certificate

guarantees the identity and transfer of data

through a secured connection. All information

sent by a user to a website is encrypted, and

only the website has the means to decrypt it.

Without a certificate, the information travels in

plain text and can be intercepted by hackers.

How can I recognize a certified website? There is no padlock displayed in the address bar. This “phishing” site is a scam!

This website features a padlock, but it is displayed on the page and not in the address bar.

The use of HTTP, as opposed to HTTPS, proves that the connection is not secured.

The TRUE SSL certificatedon’t settle for less!

Check the color of your address bar. Red means the certificate is worthless; no color means the certificate is valid but has not undergone in-depth verification. A green bar, on the other hand, means the site has been well-vetted and has been issued an Extended Validation SSL certificate. Such sites are also protected against phishing. Your connection is secured.

Verify certificate quality

There are hardware and software devices that track keyboard activity unbeknownst to users. Always use a trusted computer when entering sensitive data.

Don’t make purchases from Internet cafes

Sometimes typing www.keynetis.com instead of www.keyneCtics.com is all it takes to end up on a fraudulent site. Watch out for typos!

Always double-check the website address

If a website makes you feel suspicious, it is probably not worthy of your trust. Stick to well-known sites.

Trust your instincts

Anybody can add the logo of an antivirus vendor or bank to a website to make users think the site is protected. Dynamic site seals, on the other hand, are trustworthy. Be cautious!

Be wary of reassuring logos

Emails are not encrypted and the data they contain can be easily intercepted. Never send your bank account details by email

The email might be from a hacker who has usurped the identity of a friend in an attempt to lead you to a fraudulent site and steal your sensitive data.

Don’t click on links in email

Seven golden rules for well-informed buyers

Protecteur d’identitéProtecteur de libertédans un monde connecté

To find out more, feel free to write us at: confiancesurinternet@keynectis.com In order to be regularly informed about new guides on this topic.

Typosquatting (also known as URL hijacking), is based on typographical errors. Certain hackers create websites whose names are phonetically very similar or spelled almost exactly the same as a well-known site. Always double-check the URL in the address bar.

Phishing is a technique that consists in fooling victims into believing that they are on a trus-tworthy site (bank, administration, etc.) in order to steal their sensitive data. In this type of attack, links are generally inserted into emails, directing the user to a fraudulent site or a site whose name closely resembles that of a well-known site. Typically, if keynetics.com is an authentic site, keynetics.myaccount.com could be a spoof. The only way to verify site ownership is to make sure the address bar is green. keylogging (or keystroke logging), is a technique in which hardware or software is used to covertly track the keys struck on a keyboard. The hacker thus “eavesdrops” on all of your com-puter activity in order to obtain sensitive data. Only use a trusted computer and install an anti-vi-rus on your machine.

Even the best anti-virus in the world cannot guarantee total security. It is therefore essential to remain very vigilant when you go online and to be familiar with cybercriminal techniques in order to avoid them. Three types of attack are especially popular these days:

Don’t make it easier for them!One informed user is worth ten!

Be cautious!