While many website owners take action to keep their websites secure, it’s very common for website owners to be unaware of a hack.

By Tony Perez

The average American spends 24 hours a week online (MIT Technology Review/Report from USC Annenberg January 2018). That’s a lot of web surfing, and a whole lot of exposure to websites that may not be safe. While many website owners take action to keep their websites secure, it’s very common for website owners to be unaware of a hack. In fact, GoDaddy’s Security team analyzed 65k infected websites and found that only 10% of the infected websites were blacklisted by Google, Norton or McAfee. This means that a very large percentage of website owners are unaware that they have an issue, which makes it that much harder for the everyday online consumer to differentiate between good and bad. It’s therefore crucial for online consumers to think about their own cyber security and to look out for signs that they may be on an unsafe site.

1) Is the site behaving like you would expect the site to perform?

While this is abstract, there really are things you can check. Do the links you’re clicking on work? Is the page loading completely and looking like a fully finished website? If you browse around, is it responding quickly? Are you seeing bits of computer code on the website? Are you seeing references to things that don’t belong (e.g., you’re on a site about cupcakes but seeing references to viagra)?

Why are these the types of things you look for? Because they are not normal, and legitimate website owners won’t try to introduce these kinds of anomalies. If you come across them, it’s usually one of two things. Either the hackers do the minimum to make the site passable in order to trick unsuspecting people, or they have broken a legitimate website. Either way, it’s not good. It’s always better to err on the side of caution, especially on the web.

If you feel like a website might be compromised, the best thing to do is leave the site immediately. Then, make sure you were going to the proper website for the company and if you’re still experiencing weird things, contact the website owner.

2) Watch out for weird pop-ups

Another giveaway that things aren’t as they should be is pop-ups unrelated to the website you’re visiting. Let’s say you’re shopping for flowers for your significant other. All of a sudden, a pop-up shows up that is advertising a free cruise to Hawaii. Or maybe it’s telling you that your computer has the “WORLD’S WORST!?!?!?! VIRUS” and you need it cleaned right now. Now, most browsers have automatic pop-up blockers, right? Well, if you’re looking at a site and the notification pops up that Firefox has just stopped two pop-ups from appearing, that’s an indicator that something is wrong.

Chances are, the website has been compromised or is being used as a distribution mechanism (e.g., malvertising). This means the bad guys have injected code into a real website that causes these obnoxious pop-ups. Most of the time, that’s not the only thing they do. In our research we have found that in 65% of the infections we analyzed, attackers introduced backdoors allowing them to regain access even after the infection was removed. They use these backdoors to bypass new security controls and leverage the site for other nefarious activities. Leave the website immediately. If you have visited the website in the past, contact the owner and let them know what you’re seeing.

3) If you visit a bad site, then what?

So, now that you’ve visited a compromised website, all is not lost. It’s good to close all your tabs, and quit the browser. If you are suspicious, don’t enter your credit card information into the website, don’t give them any information. After you leave the website, it’s a good idea to run a malware check on your computer. A really good one to use is Malwarebytes. It’s free and easy to use.

4) The URI reads “not secure”

In July, Chrome will be changing their indicators to notify online users that a website using HTTP only is “not secure.” This will be a good indicator that the website you’re visiting is not keeping up with the latest changes in the security landscape. It doesn’t mean they are hacked, but it does mean they have not updated their security controls. Best to wait for the website owner to catch up with the latest recommendations.

Signs of good websites to visit

There are a couple of ways to check if a website you’re visiting is performing properly.

1) SSL Certificates

A site with a Secure Sockets Layer (SSL) certificate is indicated by a lock icon on the browser in the address bar. A lock in the address bar means the data being transferred between you and the website you’re visiting is encrypted. Google Chrome is implementing changes to their browser, which will now mark the site as Not Secure if they do not have an SSL certificate. It’s good to get in the habit of looking out for the lock icon. While this doesn’t necessarily speak to the controls the site owner is implementing as an organization, it at least shows that the website owner is thinking about these things and is taking a step in the right direction.

2) Secure Site Badge

Look for a badge that shows the site has been checked recently for any malicious behavior. GoDaddy Security and Sucuri Seal is one example of a service that scans a site for malicious behavior each day. The badge will show you whether the website passed or failed the inspection.

Bottom line, you as the consumer of information are the one ultimately responsible for your own security. It’s important to be alert while surfing the Internet and especially before sharing any personal information. Keep your eyes peeled for the bad and the good signs of a website’s security every step of the way: look out for any funny business in the form of slow browsing or unrelated pop-ups, and check for SSL certificates and secure site badges that will let you know you’re visiting a site that is performing properly. If you keep these red flags in mind, you’re sure to be much safer online.

For those super paranoid and willing to deal with a little inconvenience, you have the option of disabling JavaScript in your browsers. It’ll create a little discomfort while you build your white-list (a list of trusted sites), but once it’s built the experience will be the same on your everyday sites while protecting you against new sites you don’t regularly visit. And don’t forget that if you’re unsure you can always run a malware check using free services like Sucuri’s SiteCheck free site scanner!

Tony Perez is the GM Security Product Group at GoDaddy.

Unsafe website stock photo by EggHeadPhoto/Shutterstock