When to Trust a Website


  1. Posts : 2,303
    Windows 7 & Windows Vista Ultimate
       #1

    When to Trust a Website


    This is a bit long, but considering the number of people duped by rogues, I think it is worthwhile repeating here from Microsoft, Help & How-to on When to trust a website.
    Knowing when to trust a website depends in part on who publishes the website, what information they want, and what you want from the site. If you're not sure whether to trust a website, consider these questions:

    Are you visiting a secure site?


    If you are visiting the website with a secure connection, you will be able to identify the website through the site's certificate. A secure or encrypted website address will begin with HTTPS rather than HTTP, and you will often see some sort of icon in the browser such as a padlock indicating that the website is secure. Secure connections use certificates to identify the website and to encrypt your connection so that it will be more difficult for a hacker to view. For more information on secure websites, go to the Windows website and search for "transaction is secure."
    Depending on the type of certificate the website has, you can see the website address or the company address that the certificate was issued to. Extended Validation (EV) certificates will turn the address bar green in some browsers, and will contain a confirmed name and address for the website owner. Non-EV certificates will contain the website address or the domain of the site. If you can view a security report, and it only shows the website's address, be sure it is the address you wanted to visit. Phishing or fraudulent websites will often use similar website names to trick visitors into believing they are visiting trusted sites. For more information, go to the Windows website and search for "phishing."
    Certificates are issued by companies called certification authorities. Windows contains a list of the most common certification authorities. If Windows doesn't recognize the issuer of the certificate, a warning message will appear. However, Windows can be configured to trust any certification authority, so you should not rely solely on receiving a warning message when a website is potentially fraudulent.


    Is the website certified by an Internet trust organization?


    An Internet trust organization is a company that verifies that a website has a privacy statement (a posted notification of how your personal information is used) and that the website gives you a choice of how they use your information. Websites approved by Internet trust organizations are able to display the privacy certification seals, usually somewhere on their home page or order forms. However, these seals don't guarantee that a website is trustworthy; it just means the website complies with the terms acceptable to the Internet trust organization. Additionally, some unscrupulous websites might display the trust logos fraudulently. If you are not sure whether a trust logo is legitimate, contact the trust organization to see if the website is registered with them.
    To learn more about these trust organizations, you can go to the TRUSTe website, the BBB Online website, or the WebTrust website.


    Is the website owned by a company or organization that you know well?


    For example, if you bought merchandise from a physical store and were happy with the experience, you might want to try the store's website as well. However, even if you trust the company, always read the website's privacy or terms of use statement. Sometimes a company's website is independent of its stores, and it might have different privacy terms. Look for terms you don't agree with, such as requirements to accept e‑mail offers or advertising from the website, or that your information is shared with the company's partners. If you are not comfortable with the terms or behaviors (for example, you do not want to be tracked or to see advertisements), do not use the site.



    Does the website ask you for personal information?


    If you are asked for personal information, such as credit card numbers or bank information, only provide it if there is a good reason to do so. Also, make sure there is a secure entry form for recording information. Look for a message stating that the information will be encrypted and check for a lock icon or ensure that the web address starts with HTTPS:// (do not enter confidential information if neither of these are present). Also, try to find out what the website's policy is about storing information: Do they keep your credit card number on file? Do they have partners that they share information with? You should be confident that the site is using your information properly and in a secure manner before providing any information.



    On a retail website, is there a way to contact someone by phone or mail?


    Do they have a phone number that you can call if you have a problem, or that you can use to place an order? Does the website list a street address? Is there a posted return policy with acceptable terms? If the site doesn't provide a phone number or physical address, try contacting the company by e‑mail to ask for that information.



    If you don't recognize the site, do you have other information to help you decide?


    If you are not familiar with a website or it does not have a privacy certification seal, it might not necessarily mean that you cannot trust it. Ask reliable friends or colleagues about the site. Search for references to the site on the Internet to see if a source, such as a magazine or company that you do trust, has referred to it. Read the website's privacy statements or other disclosures (but keep in mind that the site might not necessarily abide by them).


    A website might not be trustworthy if:

    • The site is referred to you through an e‑mail message from someone you don't know.
    • The site offers objectionable content, such as pornography or illegal materials.
    • The site makes offers that seem too good to be true, indicating a possible scam or the sale of illegal or pirated products.
    • You are lured to the site by a bait and switch scheme, in which the product or service is not what you were expecting.
    • You are asked for a credit card as a verification of identity or for personal information that does not seem necessary.
    • You are asked to provide a credit card number without proof that the transaction is secure.
      My Computer


  2. Posts : 536
    Windows 7
       #2

    Good info. I used to see the green bar in the browser URL bar and think to myself "whats the point?". Well, I recently had to order a new SSL cert for an important customer facing service at my company. The CTO says " I want it to display the green bar in peoples browsers". I say no problem ( I have to order SSL certs all the time and can usually get them within an hour). LOL, weeks later I'm trying to get documents printed on company letterhead and signed by Company legal teams, and having them send letters for verification, verifying phone calls, etc. I had to jump through so many hoops, I now have a new respect for the green bar.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 07:59.
Find Us