When signing in to a website such as Facebook or Amazon, have you ever seen the beginning of the URL change from “HTTP” to “HTTPS”? How about a small lock icon at the top of your browser? The “S” in “HTTPS” stands for “secure” and indicates that your web browser is accessing the website through a secure connection that no one else can access. The lock icon also indicates that the website is secured with a digital certificate.

However, a website is not necessarily secure just because “HTTPS” is included in the URL. A website using HTTPS can be safer than a website using HTTP, but cybercriminals can get HTTPS certificates, too. Cybercriminals often use HTTPS URLs to trick unsuspecting victims into clicking phishing links.

HTTPS websites can offer a false sense of security, so you may be tempted to automatically trust them. However, it’s important to remember that even legitimate HTTPS websites may have vulnerabilities that cybercriminals can exploit. You should never rely on an HTTPS URL or even the lock icon at the top of your browser for security.

Tips to Stay Safe

Follow the tips below to make sure the website you’re visiting is secure:

• Watch out for misspelled domains. For example, a link may contain the word “Annazon” instead of “Amazon.” Some misspellings are easier to catch than others, so make sure to look closely!
• If you receive a login link through email or text message that you weren’t expecting, don’t click it. Cybercriminals can send you malicious links that look legitimate. Always navigate directly to the website.
• Remember to look for the “S” in “HTTPS” before you enter any sensitive information into a web browser. Even then, remain cautious.