Go To Namecheap.com
Security & Privacy

Trust But Verify: Ensure Safe Web Browsing

Google recently made a big update related to security in its popular Chrome web browser. As we noted in a previous post, when users input information in a form on a website that is not secured with SSL, the browser will display a warning:
Google search box
This security improvement in Chrome is important for website owners, but it could instill a false sense of security when people surf the web. Below, we’ll discuss what to look out for and how to make sure you’re protected.

What is SSL?

SSL stands for Secure Sockets Layer. A site with an SSL certificate provides an encrypted link between the website and your browser so that the information you send through the website (such as your credit card or login details) remains private while in transit to the website’s server.
You can identify a site using SSL in a number of ways. Web addresses on secure domains will start with https:// instead of http://. Your browser will also display a padlock icon indicating that the site is secure. There may also be a site seal or other indicator on the website itself noting it’s an encrypted transaction.

Your Site Needs SSL

The Google Chrome update has been a call-to-action for website owners to add SSL to their website. Even if your site does not offer e-commerce, Chrome will flag the site as not secure if someone enters text into any web form.
This means all WordPress sites with comment forms will be flagged. Even a site with just a search box can trigger a warning.
Not having an SSL certificate for your website may lead to reduced comments on your blog, fewer people filling out contact forms, and people abandoning your site, fearing it might not be safe overall.
Thankfully, the cost of adding SSL to websites has dropped significantly, putting them in reach of all website owners. Namecheap offers SSL certificates starting at just $9.00 per year.

Users Beware

As a website owner, adding SSL is a no-brainer. But as a website visitor, it’s important to understand that SSL encryption has limitations.
Even though the transmission between your computer and a website might be protected by an SSL certificate, you should make sure that you’re dealing with a legitimate website in the first place. Websites that are spoofing other websites can still be secured with SSL. That means your information could be sent securely… but to a crook rather than the business you intended.
Researchers at Georgia Tech recently analyzed spoof websites and found over 100,000 such websites using SSL.

If you have any reason to suspect a site may not be legitimate (especially if you get a link via email), here are a few ways to check:

  • Visually review the URL. Symbols, dashes, or modified site names (e.g. g00gle.com) or unexpected domain extensions such as .info on a major retailer can be red flags.
  • Look for bad English grammar or spelling, odd layout, or other oddities on the home page.
  • Be wary of sites with ads all over the home page, intrusive pop-ups, or audio that plays immediately. This isn’t always a red flag, especially for blogs and news media. Generally, though, you wouldn’t expect this content on a bank or merchant site like Amazon or Namecheap.
  • Check site URL with Google Transparency Report to reveal any unsafe content.

So, before you buy a pair of shoes from a secure website you think is affiliated with Nike, double-check the web address to make sure it’s not fake.

Trust but Verify

To recap, there are two crucial things to do with Chrome’s recent changes:

1) Website owners should add SSL to their sites now.
2) Website visitors should check that a site is secure but also verify that the site itself is legitimate.

If you run a website, don’t delay.  Protect your visitors by adding an SSL certificate to your website. Namecheap offers SSLs starting at just $9.00.

Was this article helpful?
Sign up for email updates Get the latest deals, news, trends, and more direct from us.
I'd like to receive:

Your data is kept safe and private in line with our values and the GDPR.

All systems go!

A confirmation message is on its way.

Andrew Allemann avatar

Andrew Allemann

Andrew is the founder and editor of Domain Name Wire, a publication that has been covering domain names since 2005. He has personally written over 10,000 posts covering domain name sales, policy, and strategies for domain name owners. Andrew has been quoted in stories about domain names in The Wall Street Journal, Washington Post, New York Times and Fortune. More articles written by Andrew.

More articles like this
Sign up for email updates Get the latest deals, news, trends, and more direct from us.
I'd like to receive:

Your data is kept safe and private in line with our values and the GDPR.

All systems go!

A confirmation message is on its way.

Next Post

Namecheap Customer Stories: Samuel Carvalho

Read More