2. The TRUE SSL certificate
don’t settle for less!
When asked to show ID,
do you pull out a membership card
from your favorite club?
An SSL (Secure Sockets Layer) certificate is
Of course not! It has no legal value, like a piece of ID. It is issued to websites by
and merely showing the card doesn’t organizations called Certificate Authorities
prove you are its real owner. after control procedures whose complexity
varies based on needs. The SSL certificate
On the Internet, the same holds true.
guarantees the identity and transfer of data
The only way you can be confident through a secured connection. All information
and rest assured that it’s safe and sent by a user to a website is encrypted, and
risk-free to share important data, only the website has the means to decrypt it.
Without a certificate, the information travels in
including your bank account details,
plain text and can be intercepted by hackers.
is to use an SSL certificate.
How can I recognize a certified website?
It’s easy! When a site prompts
There is no padlock displayed
your to enter sensitive data, The use of HTTP, as opposed to HTTPS, in the address bar.
proves that the connection is not secured. This “phishing” site is a scam!
ensuring you that your data will
be protected, you must check
two things. First, the address
should change from
http://www.nameofsite.com This website features a padlock,
but it is displayed on the page
to httpS://www.nameofsite.com. and not in the address bar.
The additional “s” indicates that
the connection is now secured.
Second, a padlock
should appear in your address bar.
Warning: a padlock displayed elsewhere on the screen has no value.
3. Seven golden rules
for well-informed buyers
Don’t click on links in email
The email might be from a hacker who has usurped the identity of a friend in an attempt to lead you
to a fraudulent site and steal your sensitive data.
Never send your bank account details by email
Emails are not encrypted and the data they contain can be easily intercepted.
Be wary of reassuring logos
Anybody can add the logo of an antivirus vendor or bank to a website to make users think the site is
protected. Dynamic site seals, on the other hand, are trustworthy.
Be cautious!
Don’t make purchases from Internet cafes
There are hardware and software devices that track keyboard activity unbeknownst to users.
Always use a trusted computer when entering sensitive data.
Trust your instincts
If a website makes you feel suspicious, it is probably not worthy of your trust.
Stick to well-known sites.
Always double-check the website address
Sometimes typing www.keynetis.com instead of www.keyneCtics.com is all it takes to end up on a
fraudulent site. Watch out for typos!
Verify certificate quality
Check the color of your address bar. Red means the certificate is worthless; no color means the
certificate is valid but has not undergone in-depth verification. A green bar, on the other hand, means
the site has been well-vetted and has been issued an Extended Validation SSL certificate. Such sites
are also protected against phishing. Your connection is secured.
4. Don’t make it easier for them!
One informed user is worth ten!
Be cautious!
Even the best anti-virus in the world cannot
guarantee total security. It is therefore essential
to remain very vigilant when you go online and
to be familiar with cybercriminal techniques in
order to avoid them.
Three types of attack are especially popular
these days:
Typosquatting (also known as URL hijacking), is based on typographical errors.
Certain hackers create websites whose names are phonetically very similar or spelled almost
exactly the same as a well-known site. Always double-check the URL in the address bar.
Phishing is a technique that consists in fooling victims into believing that they are on a trus-
tworthy site (bank, administration, etc.) in order to steal their sensitive data. In this type of
attack, links are generally inserted into emails, directing the user to a fraudulent site or a site
whose name closely resembles that of a well-known site. Typically, if keynetics.com is an
authentic site, keynetics.myaccount.com could be a spoof. The only way to verify site
ownership is to make sure the address bar is green.
keylogging (or keystroke logging), is a technique in which hardware or software is used to
covertly track the keys struck on a keyboard. The hacker thus “eavesdrops” on all of your com-
puter activity in order to obtain sensitive data. Only use a trusted computer and install an anti-vi-
rus on your machine.
To find out more, feel free to write us at: confiancesurinternet@keynectis.com
In order to be regularly informed about new guides on this topic.
Protecteur d’identité
Protecteur de liberté
dans un monde connecté