Protect your iPhone against dangerous websites with Avast One
The internet can give us information, social connection, deals... and malware. But armed with the right tips and tricks, you can avoid malicious sites and links. Safe online browsing isn’t hard if you know what to do. Learn how to tell if a website is safe and how security software like Avast One can help you avoid dangerous websites.
Remember when the internet was fun? These days it seems to be more minefield than playground. Users are treading cautiously and trusting nothing, wondering is this link safe an is that site infected? It’s difficult to enjoy your digital world when worry and suspicion are trending so heavily.
This Article Contains:
Phishing scams use social engineering to trick users into downloading malware or giving out sensitive data. One infamously popular method is to create a phony lookalike website that is then used to trick you into entering your login credentials or account info.
Short of sending you to a decoy site designed to capture your keystrokes, social engineering can also lure you to an infected website that downloads malware into your system, grants remote permissions to a cybercriminal, or even conscripts your computer into a botnet. Nobody wants to be this kind of victim.
The good news is that nobody has to be. The three website safety tips below will clear away the uncertainty and teach you how to identify if a site is trustworthy or not. First, you’ll learn a couple of simple visual checks that give you useful info at a glance. Then, we’ll explain the website safety tools you should have in place to inform and guide you. Finally, we’ll tell you how to research a little deeper should any questions still remain. Now let’s get savvy and put the fun back into web surfing.
Double-check those URLs — Let’s start with the easiest tip. It’s really no more difficult than making sure the URL looks legit. Before you click any link, hover your cursor over it and look at the bottom left corner of your screen where the URL is displayed. The first trick of phishing is to look as authentic as possible. At first sight, the URL might look like the real McCoy, but closer inspection may reveal a 1 instead of an l, or .net instead of .com. Train yourself to sanity check each and every URL before you click or before you enter any personal information like a username and password.
Check for https — Those letters you see at the start of every URL stand for Hypertext Transfer Protocol (http). It’s the foundation for how data is communicated on the web. And while it’s eminently useful, it’s also easily hackable. The addition of an "S" as in “https” (and the lock icon), however, tells you that the site is secure. Websites with a padlock icon in the address bar and an https prefix are encrypted and have a trusted SSL certificate, basically guaranteeing a secure connection between website and browser. If you cannot verify that a website or link is safe with https, be on your guard and do not enter any personal information.
And, do note: cybercriminals do everything in their power to present themselves as legit, so while https: websites are more secure, you could be on to one that is run by a crook. So, if you are still suspicious about an https: site, use the other safety tools below to check if a website is safe.
“It can be difficult for users to spot that the site is infected. For example, it is suspicious if the user fills in the payment form on the website itself and is then redirected to another payment form on the payment gateway webpage. But in cases where the payment form is directly on the e-commerce website and the attacker steals payment details from this legitimate form, it is really hard to notice that the website is infected. Therefore we recommend using a second factor (e.g. mobile app or SMS code) to confirm internet payments if the bank supports it.”
Pavlína Kopecká, Malware Analyst
Use your built-in browser tools — The first tools you should familiarize yourself with are the security measures already in your browser. Look at your privacy and security settings. Chances are, you’ll find the default settings are more lax than you like. Manually adjust the rules and settings in the way that makes you comfortable. Block popups, prevent automatic downloads, don’t allow tracking. Your options will vary depending on your browser of choice.
Run an online website safety check — There are several from which you can choose, but we recommend VirusTotal for its unbiased position. These online tools use antivirus scanners and other security solutions to check a website for any threats. Simply enter the URL you want scanned into the search bar on the site, and get instant results.
Enter a URL, and VirusTotal will tell you if the site is suspicious.
Install web security tools — For total website safety confidence, protect yourself with top-of-the-line antivirus software. You can also add the benefit of privacy to website safety if you go with a virtual private network like Avast SecureLine VPN. And we’d be remiss if we didn’t mention Avast Secure Browser, the most security-forward browser available on the market.
Avast Secure Browser is a private, fast, secure browser that protects you online. And, it’s free.
Check contact details for the website — If you’ve done all of the above and you’re still not quite sure, then march on up to the front door and knock. That is to say, find the “Contact Us” info on the site and give them a call. Depending on how (and if) they answer will clue you as to whether or not it’s a legitimate operation.
Check if your antivirus has an Anti-Phishing Certificate — Not all do. Look for 3rd-party labs who test for anti-phishing, such as AV-Comparatives. They test antivirus products against phishing URLs (which attempt to get your personal information) and they check for false positives when it comes to legitimate banking websites, to make sure the security product knows the difference. Avast Free Antivirus passed and was the only free software awarded their Anti-Phishing Certificate.
Look up the domain owner of the website using WHOIS — You can also research who owns a particular domain by checking the public records available through a WHOIS search. Learn everything about the domain, including who registered it and when.
The internet is teeming with phishing scams. No brand is safe from being falsified, and no user is safe from being targeted. More than ever before, we need to take responsibility for our own online safety. Follow the tips above and stay smart. We can give you all the info you need, but your greatest defender is you.
And thankfully, with comprehensive security software like Avast One, you won’t be battling alone. Avast One packs powerful features that work together to provide you with real-time website and online threat protection and advanced privacy safeguards.