ITS

Information Technology Services
Information Technology Services

How do I tell if a website is safe?

Queen's is a prime target for Phishing email attacks.  These attacks are very well designed to trick unsuspecting users to enter their NetIDs and passwords.   For this reason, Queen’s has invested in Extended Validation Certificates for our websites providing an extra layer of security that will help users recognize whether the site they are on is legitimate and secure.

Extended Validation Certificate

The Green padlock

The Site Identity button (a padlock) appears in your address bar when you visit a secure Queen’s website. You can quickly find out if the connection to the website you are viewing is encrypted, and whether Queen’s owns the website. This should help you avoid malicious websites that are trying to obtain your personal information.

As you can see in the examples below, all web browsers display a secure Queen’s site in a similar manner.
The green padlock indicates that:

  • You are definitely connected to the Queen’s website whose address is shown in the address bar and that the connection has not been intercepted.
  • The connection between the browser and the Queen’s website is encrypted to prevent eavesdropping.
A green padlock plus the name of Queen’s University, also in green, means this website is using an Extended Validation (EV) certificate. An EV certificate is a special type of site certificate that requires a significantly more rigorous identity verification process than other types of certificates.  The majority of ITS websites that require user authentication with your NetID and password will be of this type.  Clicking on Queen's University at Kingston will open a window displaying the certificate.

In other words, pay attention to the lock and if your browsers address bar does not look like one of these, you are about to give your NetID and password to a malicious individual.

URL Address

Check the website's URL address carefully.  Sometimes a fraudulent website will imitate the design of a valid site in an attempt to trick the user into entering ids, passwords, and banking information.  Look carefully; don't get fooled by an extra character that your eye just glances over.

The lock icon - it isn't just a picture.  The grey locked padlock can be clicked to see the details of the site's security.  If a web site is copied, the lock will not work.

HTTPS - in a secure web site the address will begin with HTTPS

Internet Explorer

screen shot of address bar showing Extended Validation

Edge

screen shot of address bar showing Extended Validation

Firefox

screen shot of address bar showing Extended Validation

Chrome

screen shot of address bar showing Extended Validation

Microsoft Login pages

screen shot of address bar showing Extended Validation

Safari for Mac

screen shot showing Extended Validation certificate

FireFox for Mac

screen shot illustrating Extended Validation certificate

Microsoft Login Page for Mac

screen shot illustrating Extended Validation certificate

 

 

Last Reviewed: September 21, 2017