How Can I Tell If a Website is Secure?

The internet makes it really easy for us to pay bills, make purchases, and conduct business or communicate quickly. Unfortunately, it also creates more opportunities for cybercriminals and scam artists to prey on unsuspecting victims. For example, criminals may set up fake websites that mimic legitimate ones, hoping you'll enter personally identifiable information they can steal, such as credit card and social security numbers.

Before you make a payment or share sensitive information online, we advise you to make sure the website is secure, legitimate, and a trusted option. Fortunately, this is too hard to do.

Check if the Site Uses Secure Encryption (HTTPS)

When you are just looking around on a website the URL (web address) probably begins with http://, meaning the site is using Hypertext Transfer Protocol. HTTP is the foundation of how information is transmitted on the internet, and nearly all websites use it. However, this protocol does not have any built-in security to protect you when using the web. That's where HTTPS comes in.

What does HTTPS do?

When you make a purchase on a website, conduct business on a banking site, or visit any site that requests financial or sensitive information, the URL should change to begin with https:// and will show a green lock icon. The HTTPS stands for HTTP Secure, which means that all communications between your browser and the website in question are encrypted and secure, using a security certificate. HTTPS can help protect against multiple kinds of spying threats, such as man-in-the-middle attacks and eavesdropping.


The next time you're shopping or making a purchase on a website, pay close attention to the URL and you can easily identify when the security layer is added on (when you get asked to enter sensitive information), and when it goes off again (if you just go back to browsing around). Test this URL change out on a few sites you are familiar with. You may notice that the lock icon never goes away, as many of today's sites use security certificates throughout.

The Website Design Matches the Brand's Style

Fake websites are often thrown together hastily so they can start scamming right away and can be taken down before the authorities take action against the cybercriminals who create them. That means they can contain spelling errors, especially of the brand or product names, and may include poor image quality or video content.

If the design of a website you know and trust changes suddenly or contains errors, colors, or images that don't look quite right, close the page immediately before entering any sensitive information.

The Website has Concrete Contact Information

If you're ever unsure about a website's legitimacy, check for contact information. All legitimate companies provide physical addresses, phone numbers, email addresses, and other identifying contact information on their sites. If that information is missing from a website, or if it looks suspicious or doesn't match what you know about the company, then that site is likely a fake.

Ultimately, there are many ways to protect yourself from harmful websites. Most of them start with a little know-how about what to look for. Find more tips for safe browsing here.

We also recommend you use advanced internet security software that has real-time anti-phishing and web threat protection to keep you safe as you bank, shop, and browse online.


Find the right cybersecurity solution for you.