Skip to main content

Browser Security Symbols Don’t Mean Websites Are Legitimate

By December 19, 2018June 2nd, 2022Cybersecurity

Most people use Google Chrome.  In fact, according to the latest statistics, Chrome has more than half the browser market share, with the rest dividing the smaller portion of the market between them.  That’s relevant because recently, Google has made important changes to their browser that provide visual cues when a website you’re visiting doesn’t have an SSL certificate.

The visual cue, a little green-colored message that says “secure,” is important, because it tells you that if you enter information anywhere on that page (personally identifiable information, passwords, credit card info, etc.) you can do so with confidence. You’ll know that it’s exceedingly unlikely that anyone is spying on you and making off with the information you’re entering.

It’s important to note, however, that “secure” or “safe” and “legitimate” aren’t the same things.

Increasingly, hackers are investing in SSL certificates so that Google will identify their websites as “secure” too.  It gives people who visit their malicious sites a false sense of security and makes it more likely that they’ll enter information on the hackers’ system, literally giving them all information you’re trying to keep from them. Even worse, most people don’t pay any attention at all to the string of text that appears in the URL box near the top of the browser.

As the web has become increasingly visually oriented, most people simply go by the way the page looks. So for example, if you see what appears to be a PayPal login screen, you’re likely to enter your PayPal username and password without even thinking about it. After all, Google’s telling you it’s secure, and it looks like the PayPal login screen you’re used to seeing, but it might not be.

Hackers have long been in the habit of buying an official sounding domain, then creating sub-domains from it that closely mimic legit sites.  The only way to know for sure is to pay close attention to the URL you’re actually visiting.

The best way to minimize your chances of visiting a poisoned site is to never click links embedded in emails.  Any time you need to visit an official site, type the URL in yourself, or search it on Google and access it that way.  Safety first!

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.