The TRUE SSL certificatedon’t settle for less!When asked to show ID,do you pull out a membership cardfrom your favorite club? An SSL (Secure Sockets Layer) certiﬁcate isOf course not! It has no legal value, like a piece of ID. It is issued to websites byand merely showing the card doesn’t organizations called Certiﬁcate Authoritiesprove you are its real owner. after control procedures whose complexity varies based on needs. The SSL certiﬁcateOn the Internet, the same holds true. guarantees the identity and transfer of dataThe only way you can be conﬁdent through a secured connection. All informationand rest assured that it’s safe and sent by a user to a website is encrypted, andrisk-free to share important data, only the website has the means to decrypt it. Without a certiﬁcate, the information travels inincluding your bank account details, plain text and can be intercepted by hackers.is to use an SSL certiﬁcate.How can I recognize a certified website?It’s easy! When a site prompts There is no padlock displayedyour to enter sensitive data, The use of HTTP, as opposed to HTTPS, in the address bar. proves that the connection is not secured. This “phishing” site is a scam!ensuring you that your data willbe protected, you must checktwo things. First, the addressshould change fromhttp://www.nameofsite.com This website features a padlock, but it is displayed on the pageto httpS://www.nameofsite.com. and not in the address bar.The additional “s” indicates thatthe connection is now secured.Second, a padlockshould appear in your address bar.Warning: a padlock displayed elsewhere on the screen has no value.
Seven golden rulesfor well-informed buyers Don’t click on links in email The email might be from a hacker who has usurped the identity of a friend in an attempt to lead you to a fraudulent site and steal your sensitive data. Never send your bank account details by email Emails are not encrypted and the data they contain can be easily intercepted. Be wary of reassuring logos Anybody can add the logo of an antivirus vendor or bank to a website to make users think the site is protected. Dynamic site seals, on the other hand, are trustworthy. Be cautious! Don’t make purchases from Internet cafes There are hardware and software devices that track keyboard activity unbeknownst to users. Always use a trusted computer when entering sensitive data. Trust your instincts If a website makes you feel suspicious, it is probably not worthy of your trust. Stick to well-known sites. Always double-check the website address Sometimes typing www.keynetis.com instead of www.keyneCtics.com is all it takes to end up on a fraudulent site. Watch out for typos! Verify certificate quality Check the color of your address bar. Red means the certiﬁcate is worthless; no color means the certiﬁcate is valid but has not undergone in-depth veriﬁcation. A green bar, on the other hand, means the site has been well-vetted and has been issued an Extended Validation SSL certiﬁcate. Such sites are also protected against phishing. Your connection is secured.
Don’t make it easier for them! One informed user is worth ten! Be cautious! Even the best anti-virus in the world cannot guarantee total security. It is therefore essential to remain very vigilant when you go online and to be familiar with cybercriminal techniques in order to avoid them. Three types of attack are especially popular these days:Typosquatting (also known as URL hijacking), is based on typographical errors.Certain hackers create websites whose names are phonetically very similar or spelled almostexactly the same as a well-known site. Always double-check the URL in the address bar.Phishing is a technique that consists in fooling victims into believing that they are on a trus-tworthy site (bank, administration, etc.) in order to steal their sensitive data. In this type ofattack, links are generally inserted into emails, directing the user to a fraudulent site or a sitewhose name closely resembles that of a well-known site. Typically, if keynetics.com is anauthentic site, keynetics.myaccount.com could be a spoof. The only way to verify siteownership is to make sure the address bar is green.keylogging (or keystroke logging), is a technique in which hardware or software is used tocovertly track the keys struck on a keyboard. The hacker thus “eavesdrops” on all of your com-puter activity in order to obtain sensitive data. Only use a trusted computer and install an anti-vi-rus on your machine. To ﬁnd out more, feel free to write us at: conﬁancesurinternet@keynectis.com In order to be regularly informed about new guides on this topic. Protecteur d’identité Protecteur de liberté dans un monde connecté