7 simple steps to check if a website is safe

January 24th, 2021

By Darren Jackson

With websites starting with http:// and https:// and ending in different top level domains like .com, .net, .co, .store, .help and more; it can be a challenge to know what websites are safe and secure for you to visit. Here are 7 simple steps to help know if the website is legit or not.

  1. Check the SSL certificate

Check the URL of your website and see if it says “HTTPS” at the start of the address (instead of “HTTP”). This means the website is secure with an SSL certificate. The SSL certificate is used to secure all data that is passed from the browser to the website’s server.

If you look at the address bar of your browser right now, you will see that there is a small padlock before the address of our blog.

Clicking on it, a message stating that “the connection to this site is secure” will appear, depending on your browser, of course.

Okay, but what does that mean? Well, this means that there is a company guaranteeing that the communication between you and the company responsible for the website cannot be intercepted or modified.

Imagine that you go to a shopping website and inform the company about your personal data. Without SSL certification, this information could be copied — without you or the store noticing any hack.

Therefore, the first step to check if a website is safe is to verify that it has that certification. That security item is already considered by Google when ranking the sites in its list of search results.

So, if you’re wondering how you can get your WordPress site to appear on Google, know that having a security certificate is one of the criteria.

  1. Analyze if the site has a modern theme

You may be wondering what this topic has to do with website security. The themes, as well as practically everything that forms a website, are made with code. Over time, some of the settings written in code become obsolete, which can make the page vulnerable.

According to an article published by G1 in 2020, more than one million WordPress sites may be vulnerable due to some plugins and themes. That does not mean that the platform is worse than others, but that, as with any system, a website owner must be cautious when choosing themes and plugins.

  1. Use security tools to evaluate the site

You probably have an antivirus installed on your computer, right? Most digital security companies develop systems that show the user when a website is secure.

In some cases, those tools prevent navigation from continuing when there is no security certificate at the address — or when it has already expired.

Other companies allow the Internet user to evaluate the site and decide whether or not to continue browsing. Those tools are usually installed automatically with the antivirus, like browser plugins. Moreover, there are many VPN services and pentesting functions that may be useful to you.

  1. Check the URL

Knowing that many users do not pay attention to details, some criminals benefit from this behavior when applying scams. A missing letter, a typo, and, in some cases, serious grammatical errors are clear signs that the site is not secure — that it is likely a scam attempt.

In some cases, fake addresses replace characters, for example, changing the “o” to a zero. For those in a hurry, the g0ogle.com website may be something that doesn’t even draw attention.

  1. Be wary of security seals

Many companies do certify sites with security seals. However, it is not difficult to create a fake stamp in editing programs and insert it on the pages.

The ideal action is to check the authenticity of the seal by clicking on it and checking if it redirects you to the website of the company that issued it or if it offers any more information. Fake stamps are images that don’t provide any of those details.

You should also search for the badge on Google, checking if that certification really exists. This is essential on e-commerce pages.

  1. Find out who owns the site

Verifying this information is quite simple. Every website must be registered in the name of an individual or legal entity. Companies like Whois Lookup allow you to search, in the Whois field, for the ownership of a website.

  1. Escape spam

Some items — like banners blinking incessantly, exaggerated promises, or very low product prices are classic indications that a website, email, or advertising is not safe. Although they look like something from the 1990s and 2000s, there are still people who ignore features and trust websites that use these tricks.

It is a fact that technology companies are investing in security, and it is only up to users to also do their part regarding navigation. A safe website is very important, but so is safe browsing — and the 7 steps in this article can help you behave more carefully on the web.