We can never be completely certain that a website is safe, but we can definitely reduce the chances of ending up in a bad neighbourhood
1) Be careful of misleading subdomain names
It’s very easy to do a “Google Search” and then click on a result that takes you to a fake site. Suppose, for instance, that you are searching for a product called “Fred Smith’s Widgets” and you use that as your search term in Google. If Google then returns a result with a headline of “Buy Fred Smith’s Widgets at 90% Off” and a website address of “www.fredsmith.salesdeals.co.uk” then it would be very easy to assume that this is, indeed, the website of that well-known and reputable firm “Fred Smith Widgets Co Limited” and that by following the link you would end up in the Sales Department of that firm’s website.
Not so. Apart from the fact that anyone at all could have registered the name “fredsmith”, the actual name of the domain is “salesdeals.co.uk”. The prefix of “fredsmith.” is what is known as a subdomain. It is a sub-division of the “salesdeals.co.uk” domain and probably doesn’t have anything to do with “Fred Smith Widgets Co Limited”. Anyone can create subdomains of domains that they control and can give the subdomain any name they like. Subdomains can be freely created and are not regulated in any way. So, if the primary apparent link between what you are looking for and the Google result is nothing more than a subdomain name then it might be wise to be careful.
2) Scan a site before visiting
Even if the website is genuine, it is possible that it has been infected by malware that could damage your system – with or without the knowledge of the website owners. If you want to visit a website but prefer to make sure first that it doesn’t harbour anything nasty, you can use a free scanner to check it out. Follow this link for the Sucuri sitecheck scanner. Then enter the name of the website you wish to check. A check of my own website has just given the following result:
Norton offer a similar “instant scan”. Just visit http://safeweb.norton.com/ and enter the site you wish to check. Here’s what it said about www.davidleonard.net
3) Be critical of the spelling, grammar, and presentation of the website
Although it’s true that some malevolent sites are very well written and presented, it’s also true that most of them are not. Undoubtedly, we shouldn’t expect the same standard of English on a website in a non-English speaking country. Nevertheless, I believe that it’s worth including the standard of the English in an assessment as to whether to trust the site. I really don’t want to sound like a Little Englander, or suggest that “foreigners can’t be trusted” or anything like that. I’m just saying that a professionally presented website is more likely to be trustworthy than a shoddily presented one. English is undoubtedly the lingua franca of the internet so you would expect a genuine, professional, organisation to take a certain amount of care in this respect – whether the website originates in an English-speaking country or not.
4) ALWAYS look for the “https” on “Financial Pages”
If you are on a webpage that is going to ask for confidential information – including, of course, credit card details etc – then make sure that the address of the web page (at the top of the browser) begins with “https” and not the more usual “http”. The “s” stands for “secure” and it ensures that the data is encrypted as it flies through cyberspace. The “s” may not give 100% security that you are dealing with a genuine organisation but if a website is asking for confidential information WITHOUT encryption then they are definitely reckless at the very least, so don’t trust them.
5) Be wary of following links
If you are considering visiting a webpage by clicking on a link in, for instance, an email then be very careful as it is easy for someone to mislead you as to the actual website you will arrive at. If you’ve clicked on a link called “www.barclays.com” and your browser address bar tells you you’ve landed on “www.cons-r-us.com” then it might be appropriate to harbour suspicions.
6) Install a link checker
AVG Secure Search – and McAfee Site Advisor – are both browser add-ons that give instant advice in the form of icons showing the trustworthiness of the site. For instance, McAfee Site Advisor adds reassuring ticks in green circles to indicate that a site is probably safe:
We can never be absolutely certain that the website we are about to visit is both genuine and safe, but we can certainly reduce the risks to an acceptable level by applying some commonsense, some critical awareness, and some free tools.