Methods for checking site security

Phishing and social engineering are modern types of Internet scam. Their goal is to obtain user bank card data or distribute malware. In order not to fall for a scam, you shouldn’t visit suspicious resources and enter personal information on them. But if this is to be done, you should check the website for security. How to do this – we will tell below.

Step 1: Visual Inspection

You can determine the reliability of a web resource even by looking at two signs:

1. The correctness of the URL.
2. The https protocol.

The easiest way to understand that this is a scam website is to look at the URL. Faking an address is one of the main tricks in phishing. It almost looks (it’s a keyword) as original, at first glance the minimal difference is even imperceptible. But if you look closely, you can see a micro-error: for example, a number instead of a letter. And when you visit a familiar site and are sure about the domain it is registered on, we recommend that you check this item as well. The sudden change of .ru to .com is also one of the clear signs of phishing.

You can also verify the authenticity of the resource using the https protocol. Previously, this designation was written without the letter “s” at the end; today it can still be found but is gradually becoming a thing of the past. The fact is that https is a more reliable protocol, and the data transfer channel between the server and the browser in it is better encrypted. S at the end stands for “secure”.

It is worth noting that cybercriminals are also aware that sites whose address starts with https are more credible. If the task is to pull a serious scheme, then it costs them nothing to create a resource with a secure protocol using a fake certificate. Therefore, do not enter personal / banking information on unfamiliar sites, even if you see https at the beginning of the address, without studying them in more detail..

Step 2: Special Verification Tools

You can also protect yourself from cybercrime through the following measures:

• using of regular browser performance capabilities;
• checking the security of the resource online;
• installation of security programs.

In the first case, we are talking about privacy settings. Each browser has this default option, but it’s quite possible to strengthen the reliability of privacy settings by changing the configuration according to your requirements. For example, you can disable autoload, put a lock on pop-ups and not agree to tracking. The type and possibilities of settings in different browsers may vary.

If the web resource seems suspicious, you can run an online scan on special services (for example, VirusTotal). These tools work on the basis of different anti-virus solutions and use other methods of detecting threats. To start checking a website, you need to enter its URL in the program’s search box, and it online tests the resource for reliability.

Special antivirus software will help protect against cyberthreats. You should choose one with the improved anti-phishing technology, the purpose of which is to protect the user from fake web pages. VPN technologies provide additional security and complete anonymity; it is worth enabling protection when switching to a suspicious resource.

Website Verification Checklist

When visiting the resource, you should immediately pay attention to the "Contacts" section. To make sure of reliability – try to contact the owners or check the reviews on the network by entering their email into the search engine.

The second step is to make sure that the anti-virus program has a certificate confirming its protective phishing capabilities. It is possible to understand whether there is a document, as well as the degree of reliability of the program itself, according to the results of research from independent laboratories (they can easily be found on the network, according to reviews on forums). They evaluate the work of anti-virus solutions, check fictitious reactions when recognizing original banking resources.

The third step is to check the privacy policy. If it is not supported on any site, then this is a clear reason for doubt in its reliability.

The fourth step is checking the owner. You can find out who owns the resource using the special WHOIS service. You can also find out who the domain owner is by checking the data that is available on the network. And that will be that – you will need to find reviews on it.

In general, you should be very careful when linking. If the resource seems fishy, then you should not enter personal bank card data, believing in the alleged benefit. If it’s not possible to refuse to visit the website and you have to indicate banking or personal information, you need to subject it to thorough verification by all available means. This precaution will help protect against cybercriminals.