If you’ve been following our blogs, you’ve likely picked up some crucial tips for staying safe online. You know not to click on links in emails and to verify a website’s credentials before entering sensitive information. You might have also learned to look for “HTTPS” at the beginning of a URL, assuming it always means the site is secure.

However, the truth is a bit more complicated. While “HTTPS” does indicate encryption and generally means a safer website, it’s not foolproof. Hackers are finding ways to exploit encrypted sites for their malicious activities, staying one step ahead of us.

There are a few ways cybercriminals achieve this. Some hijack legitimate websites that are already encrypted, gaining access to any information entered there. Others create their own websites and encrypt them. Unfortunately, authorities can’t easily shut down fraudulent sites, so even if a site is reported, all they can do is revoke the HTTPS certificate; they can’t remove the site or its content.

So, seeing “HTTPS” or a padlock symbol in your browser doesn’t always guarantee authenticity. This underscores the importance of ensuring you’re logging into the correct site, not a copycat. The advice about avoiding email links holds true, even if the link leads to a seemingly legitimate, encrypted site. You can’t be certain it’s not a scam.

Remember, don’t click on links in emails, and teach your employees the same. Only share login credentials on a need-to-know basis and change passwords when key employees leave.

When logging into a bank or service provider’s site, type the known address. It’s the only way to ensure you’re on the correct site.

For more tips on internet safety for you and your business, call us at 888-RING-MY-TECH. We can assess your security protocols and recommend changes to protect your data, customers, and livelihood.