By now, most of us have encountered this problem: you’re browsing the net like you always do and then, suddenly, BAM! A security warning about that site pops up. Naturally, you panic a little and think that your device is at risk. Then you proceed to leave the site or check if your phone or computer has been infected by a virus or something. It can be especially stressful since these days we often hear about identity theft, account passwords getting stolen, malware, and even ransomware.
Well, worry no more. we are here to enlighten you on this matter. Understand what causes the warnings and learn a few simple tips on how to manage them.
Security Certificates
One warning often received while browsing online is about security certificates. A security certificate acts as a sort of identification tool that signals users that a website is secure.
You may wonder if this security certificate is actually that important for websites and the answer is: Yes, very much so. The reason is that the information you send on the net is passed along many computers to get to the main server of whatever website you opened. If that site isn’t protected with the proper encryptions, then those other computers between you and the server can see your private information. These can include your credit card numbers, usernames, and passwords.
Let’s say you access an online service provider like your bank, an online store, Paypal, your email, or your private blog. When you go to these sites, you’ll notice that the URL begins with a lock icon and “https://” instead of just “http://”.
HTTP (Hypertext Transfer Protocol) is the bunch of rules that govern the transfer of files such as text, audio, images, videos, and other types of files you can find on the internet. The process involved, unfortunately, is not not secure.
HTTPS (Hypertext Transfer Protocol Secure), meanwhile, is the secure version of HTTP. As you can see, the “S” at the end of it stands for “Secure”. It means that all data sent between you and a website’s server is protected.
In other words, with HTTPS you’ll know that the information between you and the site you’re opening is kept private and the website is real. It is identified as being what it claims to be, similar to how you prove your identity with a username and password. By having an https, the site proves that it is run by the true owners through showing a security certificate to your internet browser, which then tells us that it is legitimate with a lock symbol.
If you do not see those things in what is supposed to be a “Secure” website or you see some kind of warning, then that site could be a fake. You may be sending some very important information to the wrong people. You can click on that lock symbol for more details if it doesn’t appear green or there’s a yellow warning icon on it. Security symbols are different depending on the browser you are using so you have to pay attention to that.
Expired Certificates
Similar to drivers’ licenses, security certificates have an expiration date. Usually, they’re only good for one to three years, but can last up to 10. So, if the owner of some website fails to renew this license before it expires, then there will be an error.
This is maybe the most common reason for security alerts on a regular basis. You might come across: “The security certificate presented by this website has expired or is not yet valid”. The term “Not yet valid” means that someone has started to use the license before they’re supposed to.
Unfortunately, this kind of oversight happens a lot but can be fixed quickly by the site owner. It’s usually safe to ignore the error provided that the expiration date on the certificate is quite recent.
Check the Date and Time
Another reason for getting security warnings is that the date and time on your computer is wrong. So, check your device’s clock. Make sure that the year, date, time, and time zone settings are all set correctly. These are usually overlooked because we’re confident that the clock always updates itself.
When your device checks the validity of the security certificate of a website, it involves the current time. If this is incorrect, your machine may assume that there is something wrong with the certificate.
The simplest solutions often work.
Exercise Caution While Browsing Online
Most of the time, certificate issues are simply omissions or oversights on the part of a website’s administrator. For example, the site’s admin simply failed to update their security certificate. If this is the case, you can contact them and let them know.
But the problem is not that simple. There can be other reasons for security warnings, such as malicious interception or malware. So, it is best to exercise caution. If you can find the information you are looking for on another and more secure website, do not proceed to opening the unsecured one.
When in doubt, take the safe route: don’t continue. Instead, double check that you types the domain name or the URL correctly. If so, contact the site owner to find out what’s really happening before interacting with the site.
What Should I Do If I See Another Warning?
The most important thing to do when you receive another security warning is check for details. You can find out the reason why the certificate was rejected and decide whether you should proceed and use the site anyway. If the certificate has expired, maybe the owner forgot to renew it. When you see this error, then check your clock and make sure that it’s accurate.
However, if the security website was revoked, then the site is using a fake certificate and you should not trust them. Always keep your eyes peeled for the details. On the other hand, when you see a certificate warning on some trusted websites, check their Twitter feed. Often they announce things like that.
In short, be vigilant because phishing scams and viruses are out there; but, also be curious. Find out why you see those security warnings so you can better protect yourself from the dangers of the internet.