Do you have to buy a product online and do you want to check the degree of reliability of the site from which you intend to make the purchase? Do you want to register an account on a website but you are not sure that the information you will send is protected? I can understand your doubts: among the many scams and phishing attempts that you read every day, it is understandable to be reluctant to share your personal information online, but there are solutions that can allow you to solve some doubts of this type and understand the degree of reliability of a site.
Let’s be clear: there are some elements that are impossible for a simple user to verify, such as the security of the database or the server where a site is hosted, but there are other details that can be examined independently and allow you to have a picture fairly reliable on the degree of reliability of a site or online service. What am I referring to? I’ll tell you right away: therefore, dedicate me only a few minutes of your time and let me explain how to understand if a site is safe .
Obviously, my advice will be of a generic nature and it is therefore up to you to have common sense when browsing online: be wary of sites that offer you free content that normally should be paid or that invite you to make payments through untraceable methods and / or that they do not provide any protection for the buyer. Always check the official sources and avoid entering your personal information lightly around the Net or downloading content to your PC without first checking its degree of trust. All clear? Well, then I would say that it is time to start, without going further. Happy reading and good luck for everything!
Index
- How to tell if a site is safe for online shopping
- How to tell if a site is trustworthy or not
- How to recognize if a site is safe: programs and apps
- How to tell if a website is reliable: news
- How to tell if a site is fake: phishing
How to tell if a site is safe for online shopping
Have you discovered a new online store full of useful things for you, but you are hesitant because you do not know how to understand if a sales site is safe ? Let me help you clarify the matter.
The first point to take into consideration is the security of the site: since it is assumed that you have to fill out forms containing your personal data, and / or carry out monetary transactions with electronic tools, it is essential that the data in transit to and from the ecommerce in question are safe and away from prying eyes.
For this reason, make sure that the site in question uses the HTTPS protocol : acronym for HyperText Transfer Protocol over Secure Socket Layer, it indicates the presence of a secure connection , whose data in transit is practically impossible to intercept (at least at the time of writing ).
To verify that a site is protected by HTTPS , take a look at the address bar of the browser: if so, it should show a locked padlock – generally colored green – or a symbol in the shape of a shield , immediately to the left of the page address. Also, the initial part of the website, if visible, should match the wording https://.
If the site in question is not protected by HTTPS (you should see the symbol of an open red lock or a crossed-out shield ), or if you receive a message indicating the presence of an expired certificate , leave it immediately : if the data in transit are not secure, you could fall victim to cyber attacks aimed at information theft, which could pose a serious risk to your identity and your finances.
Another thing to pay attention to, when it comes to online sales sites, is the support for payment methods with traceability : therefore, yes to all those ecommerce portals that support systems of proven reliability and security, such as PayPal accounts (with purchase protection), Amazon Pay , Google Pay , Apple Pay , online transfer / check (taking care to always specify the precise reason for the payment) and credit / debit card transaction through authentication on a certified device (eg VISA Secure , known previously as Verified by VISA , eMastercard Identity Check , formerly known as Mastercard SecureCode ).
The possibility of payment on delivery is not to be condemned, but make sure that the courier – or the employee – who will deliver the goods will issue you a regular invoice and / or payment receipt, to be shown where problems with the order are found.
Instead, I advise you to be wary of requests for payments with non-traceable systems, such as PostePay recharges or other similar cards, PayPal payments in Money Box or passed off as donations (the first, among other things, no longer available), transfers via Western Union or other domestic and international cash exchange systems, and so on.
The reason is obvious: systems of this type do not guarantee any traceability or causal reason. Therefore, an unscrupulous seller may decide not to send the agreed goods, even after receiving the money, since it is not possible to prove in any way that the payment was made following a specific purchase agreement (which it happens instead with traceable systems).
As a last step, take a look at the information about the shipment of the goods and the origin of the same : make sure that there is no risk of running into customs duties or other additional costs (which are not clearly expressed during the purchase phase) and that the couriers used for transit and / or delivery are known and safe.
If an ecommerce site passes these preliminary “checks”, there is a good chance that it is safe for purchase; however, before proceeding, make sure that the portal in question is also reliable and that it guarantees a good percentage of success in the correct delivery of the goods, otherwise you may find yourself wasting time (and, in some cases, money). I analyzed the reliability aspect in the next chapter of this guide.
How to tell if a site is trustworthy or not
The Web is beautiful because it is varied but, alas, not easily classifiable: this is the reason that prompts me to specify, right away, that there is no list of attributes that can denote with absolute certainty the reliability or otherwise of a given site , but a little common sense and some useful advice are enough to try to draw your own conclusions, from time to time.
For example, a reliable site should in theory protect the data of its users (especially if it involves filling out forms, logging in or storing, in some way, sensitive or personal data): for this reason, the presence of HTTPS (of which you I mentioned earlier ) is almost mandatory, although not strictly necessary for all those sites that do not provide for any exchange of information. Furthermore, a reliable site should be, in general, well organized, maintained, updated and consistent with the information for which it was created.
A great task about the reliability analysis of a site is the so-called review system : there are, in fact, portals and services that allow you to find out on the fly the opinion of users about a given site, service or portal, simply by typing the ‘URL or by visiting it.
One of these is Trustpilot : it is a review aggregator, in which all the user experiences of other users about a specific site or service, whether IT or not, are collected in order to understand the degree of reliability. I really recommend Trustpilot for a very specific reason: reviews cannot be removed by website owners or companies and this ensures a good level of transparency.
The site is very easy to use: you simply have to use the search engine that you find on the home page to type the name of the company or the website (in the site.ext format , eg site.com ) of which you want to know the reviews . After pressing the Search button , you will be shown the corresponding search results, from which you will have to select the one most in line with your needs.
In the summary page relating to the site / service searched, you should find a score and all the reviews written by other users; There are also filters available to read reviews with only one star or completely positive ones, to give you some examples. However, have the foresight to make a critical analysis in reading the opinions, filtering those that, in your opinion, do not actually reflect a completely negative vote or, vice versa, a positive one.
Just to give you an example, a review that has an opinion on the service without any arguments being made about it on the user experience, certainly does not have the same weight as another in which the processing received by the user from the early stages up to the provision of the service itself.
Another service that allows you to check the reliability of a given website “on the fly” is certainly MyWOT : it is a website reputation assessment tool that can be used from its official website , via a browser extension. Google Chrome and Mozilla Firefox and also as a free app for Android (try to see if there is also on alternative markets to the Play Store ), iOS and iPadOS .
When you browse the web with the MyWOT extension active, it will present a colored icon based on the trustworthiness of the website. The color types are: green for trustworthy, yellow for suspicious, red for untrustworthy and gray to indicate that website is unknown and MyWOT has no information to provide an evaluation of the website.
Again, you can check the reputation of a given site by searching on Google for phrases like [site name] reviews , or by taking a look at social networks: if, for example, the site has an official Facebook page , just take a look at the comments. to understand if there are more or less serious complaints from users.
As I already told you at the beginning of this chapter, however, these are only useful tips and do not represent terms of absolute comparison: sites with totally positive reviews could reserve unwelcome surprises, for example, if used for a certain purpose. Therefore, some additional parameters should be evaluated, specific according to the website you visit: let me give you some examples about it.
How to recognize if a site is safe: programs and apps
If you need to download a program or an application, pay close attention to the place from which you choose to obtain it: personally, I invite you to always prefer the installation of programs and applications from stores of proven reliability and reliability , such as Microsoft Store , Mac App Store , Play Store , Amazon Appstore , HUAWEI AppGallery and App Store . This is because the applications uploaded by the developers are meticulously checked during the approval phase and the chances of finding yourself in the presence of harmful software are certainly low (although not nil, it must be admitted).
If the programs / applications of your interest are not available on the relevant reference stores, try to obtain the installation files (whether in .exe , .dmg , .pkg or .apk format ) always from the official website of the software house or the developer who designed them .
Thumbs up also for all those websites dedicated to open source software, such as Github , SourceForge , PortableApps or LaunchPad : they host freely accessible programs (and related sources), which are then examined by the entire community and promptly removed, in case of malicious code.
There are also websites that act as aggregators for different categories of software, almost always not equipped with an official download portal, obsolete or, for some reason, far from widespread: personally I do not recommend using them but, if you really have to, lend pay particular attention to what you are going to download and install , as there is no guarantee as to the integrity and nature of the hosted files .
In particular, make sure that the files are not obtainable only after a specific downloader (the latter almost always carry spyware or adware ) and, before running them, always examine them with an online antivirus solution or with an “offline” antivirus , to avoid – however much possible – the presence of known threats.
Finally, strictly avoid all those websites that promise free download of programs or apps that are notoriously paid : in almost all cases, the downloaded executables are almost always anything but harmless and explicitly aim to damage the computer, smartphone, tablet and / or the data hosted on them.
How to tell if a website is reliable: news
The speech to be made with regard to Internet sites dedicated to news is, if we want, even more complicated than that seen previously: unfortunately, hoaxes and fake news are on the agenda and there are people (even quite skilled) able to make credible news that, in reality, have very little truth.
To start, take a look at the domain name of the site, that is the “name” you see on the URL bar: sometimes, sites dedicated to fake news use domains that are very similar to those of sites that are notoriously serious and authoritative, which can easily confuse the user due to the modification of a single letter, mostly difficult to distinguish on small screens or particularly high resolutions. To give you an example, aranzulla.it could become aramzulla.it , lastampa.it could become lastanpa.it , corriere.it could become corriere.lt and so on.
Again, check that the articles present are written using a correct grammatical form and objectively analyze the facts presented; if it is a website that you have never heard of before, make sure that in the body or at the bottom of the article there are references to the original source of the news , and verify from there the conformity and truthfulness of the same.
Clearly, it is always good to check the online reputation of the site you read (as I have already explained to you in the initial step of this chapter) and, if you still have suspicions, to check the longevity of the site in question.
By this I do not mean that all young websites are unreliable but, if the previous analyzes have already provoked doubts and suspicions in you, analyzing this parameter could help you draw a definitive conclusion: almost all fake news sites are born and they die within a few months, due to the numerous (and very dutiful!) negative reports received from attentive readers.
You can easily check the creation date of a given website using the DomainTools Whois Lookup service : after connecting to its home page, type the URL of the site in the dedicated field and press the Search button , located immediately next to it. If necessary, pass the anti-robot check that should appear on the screen, wait for the summary screen to appear about the “features” of the website and take a look at the Created on item inside it, to get the information you are looking for .
How to tell if a site is fake: phishing
Finally, I feel compelled to give you some more information about another category of websites to which you should pay particular attention and, alas, increasingly widespread in the world of the Internet: fake sites aimed at the theft of their sensitive data , a known practice. jargon with the term phishing .
Sites of this type spread like wildfire mostly through instant messaging systems (eg. WhatsApp ), social networks , email or, even worse, SMS , and are designed with the specific intent of obtaining information, access credentials or bank details of unsuspecting users, inducing them to enter them in blatantly false forms.
Usually, a message containing a phishing site requires the user to provide their personal data , those associated with Internet banking , those of a specific personal social / ecommerce profile (eg Amazon, eBay, Facebook, Google etc.) for the alleged unblocking of blocked cards, suspended accounts, failed shipments or sudden sending of money by self-styled very distant relatives or unknown magnanimous ones. Phishing messages are often written in rather dubious Italian or, even worse, in a foreign language (mostly English).
If you find yourself in the presence of such a message, trash it without thinking twice, without visiting the link contained within it, for no reason : in most cases, phishing web pages have a very similar URL and appearance. to that of “serious” portals that tend to ape and could easily deceive the user, who could be deceived by the familiar screen and induced to fill in the present form with data that should never be leaked.
Wait, you ask me what could happen if I were to naively enter the requested information on a phishing site? Unfortunately, I can’t give a precise answer to your question, as the criminals who hide behind the whole system could have the most disparate intentions.
However, I know exactly what you should do immediately after the crime : if you have provided your credit card number and CVV , block it as soon as possible by calling the emergency number that was provided to you by the card issuer. (active almost always 24 hours a day, 7 days a week). Timeliness at this juncture is a must, as large sums of money could be spent, before the reference credit institution can become aware of “strange” movements and block transactions autonomously.
In general, if you have entered your financial data or other information attributable to them (IBAN, home banking login credentials, etc.), contact your credit institution immediately and explain the situation to an insider , who will certainly know how to help you.
Then, if you have leaked the login credentials for a given site or service, immediately change the relative access password (before someone else can do it for you by closing yourself, in fact, out of the account), activate the two-way authentication factors (if you have not already done so) and, finally, try to contact the website operator , so that we can explain the situation in which you found yourself and receive further information about the protection of your data, your finances and , in general, about your privacy.