What Does The Green Padlock On HTTPS Mean?
HTTPS and green padlock is an encryption and encryption is security. Well, that’s how most of the users identify the authenticity of the website. Don’t you agree? Moreover, to the majority of the people “green padlock” means a secure platform to enter the credit/debit card details and other credentials on the website without thinking twice. However, nowadays a green padlock is not enough to share your sensitive data with any website. Want to know why is it? If yes, check out why a green padlock appearance is in question now!
What Do ‘Green Padlocks’ Mean?
A green padlock shows that your connection with the website is secured and encrypted. Moreover, the websites that come with an SSL (Secure Sockets Layer) correctly installed only they’ve a green padlock beside the URL of the website. That means, nobody can get your IDs and passwords, personal or financial information that you fill in the website at the time of payment. For the safety and security of your credentials, users should always check a green padlock in address bar before entering their financial information with the website.
Normally, the presence of the green padlock in the address bar reflects that the website you’re browsing is protected. However, due to the advanced technology and creative mind of attackers, various methods to get a fake security certificate to show a fake website as a genuine one have been discovered. So, nowadays it is difficult to say if a website that has a green padlock is genuine or not.
How Cyber-Criminals Are Getting Green Padlocks?
In order to get a green padlock in address bar on the website, the developer must a have a certificate from a CA (certifying authority). Sadly, there are tons of free and affordable ones available that cost around ten dollars. With this, the URL of the website begins with HTTPS rather than HTTP. For people who manage their own website, it is the simple and most straightforward process, but cyber-criminals use the same way to get a green padlock on fake websites as well.
Illusion of Security
Google recently revamped Chrome and made changes to its interface. With the change, it shows the “secure” label and the green padlock for the websites which uses Let’s Encrypt certificates.
The latest version of Google Chrome carries a concealed option certificate authentication and it is also available in Developer Tools UX ˃ Security > View certificate that can be accessed by pressing CTRL + Shift + I from your keyboard.
So, this creates an illusion of security for people and that makes users susceptible to cyber threats.
High Risk Of Getting Scammed
Just to target a user, cybercriminals can send an email to change the current password of the PayPal account to protect the financial information. The email contains the https://paypal.com/ link that can redirect the user to the suspicious website to get the password of the user for the financial benefits.
Wherein, a person who has the knowledge about the green padlock will check out a green padlock in the address bar, that contains the word Secure and finish with “PayPal+something”. This information is more than enough for an educated person to reject the process and understand the trick of the attacker.
How To Verify A Website’s Certificate Authenticity?
Let’s take an example of “PayPal”. When you will try to access PayPal website manually, you’ll notice that the name of the link is different than the page its shows. In fact, you can open the PayPal link in various web browsers such as Opera, Edge, Google Chrome and Firefox. You’ll notice, apart from showing the green padlock in address bar, Google Chrome also accentuates the safety and security by showing the word “Secure” in the address bar.
To check out the authenticity of a certificate in Chrome, do the following:
Step 1: Firstly, press CTRL + Shift + I from your keyboard.
Step 2: Select “Security”.
Step 3: In the ‘Security overview’, under the Certificate, you need to click on “View Certificate” button.
Step 4: Now, in the certificate window, choose “Details” beside general.
Step 5: In the available filed look for the “Subject Alternative Name”.
Step 6: Once you’re done, choose “Certification Path” that is located next to “Details”.
Step 7: Please keep in mind the certificate should be issued by Let’s Encrypt Authority.
Must Read : Latest Scams to Watch Out for!
Guard Yourself from Phishing Attack
1. Always share your credit card and credential information with a trusted website.
2. Do not open the website with the provided link.
3. Follow multi-factor identity authentication (If possible).
The Bottom Line:
IT experts spent years sharing the importance of the green padlock in address bar and its security for the website. However, now it’s a time for them to educate users otherwise. Don’t you agree?