Blog
Sushmita Kalashikar

Beware! The padlock icon and HTTPS are no more indicators of safe website

June 14, 2019
13
Estimated reading time: 2 minutes

The evolving cyber threat landscape has taken a new leap. The recent past shows a startling rise in the number of incidences of phishing attacks, where visitors have been lured into clicking fraudulent links, under the cover of security marks like padlock icon and ‘HTTPS’.

Considering the rising number of fraudulent websites pretending to be secure official websites owing to the green padlock icon and HTTPS, it is no longer safe to blindly trust websites containing these marks of security since, there is no way to confirm whether the website in question has been hardened against intrusions.

Yes, you heard it right!

As per findings by Quick Heal security labs, hackers have just got smarter and are using people’s trust on website certificates as just another means of rolling out phishing campaigns.

Till date, the padlock icon and HTTPS in web link, were considered as safety indications that the link is secure to be browsed and visitors can safely share their data. The HTTPS protocol especially meant that the website is secure against hackers and spying agents but nowhere did it ensure that the website is benign.

However, off recently, cyber criminals are breaching people’s trust on the padlock icon and HTTPS. As per reports, more than 15,000 TLS certificates have been unveiled containing the word ‘PayPal’ that hackers are using to carry out malicious attacks, while playing with the trust of people. The fact that new domains and sub-domains are springing up every now and then, has made it all the more difficult for people to differentiate a legitimate site from a fraud one.

While there are no 100% effective solutions available to empower and protect internet users against such phishing scams, here are few quick tips to protect yourself from becoming an unsuspicious victim:

  • Treat every email you receive with a suspicious eye. Avoid accessing websites by clicking directly on links received via email messages/SMS; especially those asking for personal information.
  • As a practice, it is recommended to have shortcuts for your frequently used websites or have them saved as favourites in the browser.
  • Get out of the habit of trusting a website blindly just because it has a padlock icon or ‘HTTPS’ in its address.
  • Keep your eyes open for wrong or misspelled domain names. These could be the very first and genuine indicators that the website is a spam.
  • It’s always good to pay attention to the links, especially when you are accessing banking websites or those websites where you have to enter your credentials or personal data. You can look for below details to confirm the site’s security:
  • Is there a green padlock in the address bar?
  • Does the link match with the website you intended to visit or expected?
  • Is the EV certificate for the website available or not?

Once you are absolutely confident and satisfied that the website belongs to the domain of the company that you intended to visit, only then enter your credentials or personal data.

In short, do your research before you trust any website as precaution is always better than cure!

Have something to add to this story? Share it in the comments.

Sushmita Kalashikar
About Sushmita Kalashikar
Sushmita is the content strategist for Quick Heal, with a passion for creative and technical writing. She is also a published author on...
Articles by Sushmita Kalashikar »

13 Comments

Your email address will not be published.

CAPTCHA Image

  1. Rajiv Ranjan SharmaJune 18, 2019 at 6:30 PM

    Thanks Sushmita for this valuable information.

    Reply
  2. Vipin KarandeJuly 16, 2019 at 5:49 PM

    Thanks for sharing important information.

    Reply
  3. Lalita KumarJuly 21, 2019 at 5:56 PM

    Thanks for your valuable information

    Reply
  4. dhananjay1953@gmail.comJuly 24, 2019 at 7:56 AM

    KEEP UPDATING US WITH
    SUCH EYE-OPENERS.
    Dr. DHANANJAY SHAH

    Reply
  5. Hari narayan bhagatJuly 30, 2019 at 1:44 AM

    Thanks Sushmita for this valuable information.

    Reply
  6. VIRENDER SINGH BISTAugust 19, 2019 at 9:21 PM

    Making people ready for the latest threats is an important part of QH Anti-virus which goes in building the trust with QH.

    Reply
  7. tapan kumar palAugust 21, 2019 at 9:37 AM

    Thanks for sharing important information.

    Reply
  8. kashyapmehta2008@gmail.comAugust 26, 2019 at 10:20 PM

    i m not able to renew my antivirus i have purchsed a key when i m trying to register its saying(quick heal registration is not responding. this maybe due to high traffic. pls try after some time contant tecnical support if this problem persists) pls help me to renew

    Reply
    • Sushmita Kalashikar Sushmita KalashikarAugust 28, 2019 at 6:03 PM

      Hi Kashyap,

      Thank You for writing in. Our support engineers would be glad to help you with this issue. Kindly visit http://bit.ly/QHChat to chat with us online or call us on our toll-free no. 1800-121-7377. You can also raise a ticket at http://bit.ly/Askus and we will get back to you at the earliest.

      Regards,
      Team Quick Heal

      Reply
  9. Thanks Sushmita for this valuable information.

    Reply
  10. Sanajivv JaggirdarAugust 28, 2019 at 1:10 PM

    Thanks for Sharing this valuable Information

    Reply
  11. Gobinda BaruahAugust 29, 2019 at 5:14 PM

    Thanx. Very useful info.

    Reply
  12. Tejveer singhNovember 23, 2019 at 8:20 PM

    Thanks for sharing important information.

    Reply