Check that websites are secure

What to do

Check if a website is legitimate and secure before providing any personal information like passwords, payment information or IDs.

How to do it

Check the site has a secure connection. Make sure that the url starts with https, not http. Click the symbol in the address bar next to the URL (in Chrome this is two circles and two lines, in Edge and Firefox it’s a lock). This will confirm whether or not the connection is secure. This does not ensure that the site itself is legitimate.

You can consider if the site is legitimate by using the Palo Alto Test A Site tool. This will give you information about the website including a risk category and when it was created.

Save your regular websites as bookmarks/favourites in your browser or in your password manager to always be sure you are on the legitimate website.

Why it matters

If your connection to a website is not secure, then anyone can see the information you share with that website. This could leave you open to scams, phishing attempts, credit card fraud or identity theft.

Cyber criminals can create fake websites that imitate real ones to trick you into giving them your login credentials or money.