Your Connection is Not Private. How to Tell if a Website is Safe

Summary:

• What it means when you receive a “Connection is Not Private” warning
• The importance of security certificates
• How to make sure a website is safe

What Does a “Your Connection is Not Private” Warning Mean?

Everyone who has surfed the internet has received the warning, “Your Connection is Not Private.” The message indicates that your browser has blocked you from a website because the connection between your device and the website’s host server is not encrypted. If you proceed anyway, cybercriminals will be able to see whatever interaction you have with the website in question.

Q: What’s the difference between HTTP and HTTPS websites?

A: HTTP transmits data such as webpages, passwords or form entries in plaintext, making it vulnerable to interception, eavesdropping, or tampering. HTTPS (the “S” for secure) adds a layer of TLS/SSL encryption. When users connect to an HTTPS website, their browser verifies the site’s SSL/TLS certificate, establishing an encrypted session in which the request, response, headers and cookies are hidden from prying eyes. HTTPS also confirms users are talking to the real server (authentication) and ensures data integrity.

A Safe Web Browser and SSL Certificates

The warning message signals that there is an issue with a website’s Secure Sockets Layer (SSL) certificate, a verification protocol that indicates an encrypted connection between a web browser and a web server. Basically, it’s how to tell if a website is safe. If the certificate is missing, expired, or has never been issued by a legitimate certificate authority, the user will not be afforded a secure HTTPS connection.

In today’s world of cyberattacks, an SSL certificate is the IT equivalent of a bartender asking for a photo ID to prove that someone is old enough to drink. Bartenders will not take someone’s word for it, and SSL Certificates are no different. If something is not right, a safe web browser will deny access.

Why Do I Sometimes See Different Warning Messages about Unsafe Websites?

Depending on the browser, there are slight differences in the wording of warning messages wording, but they all indicate how to tell if a website is safe. The different messages include:

• Safari: “Not Secure” or “Website Not Secure.”
• Google Chrome: “Your connection is not private” and “Attackers might be trying to steal your information from this website.”
• Firefox: “Your connection is not secure.”
• Microsoft Edge: “Your connection is not secure.”

Sometimes, the warning message will allow the user to go to the website anyway and bypass the warning, but ignoring an SSL certificate warning is not the best way to stay safe online. Without a secure HTTPS, the user is exposed to a wide array of cyberattacks. Whereas a proper SSL certificate for a website ensures that sent and received data is encrypted and you’re a safe web browser.

Q: What can happen if users ignore a “website is not safe” warning?

A: Ignoring a “website is unsafe” warning can expose you to real dangers: malware installation, phishing attacks, ransomware, identity theft, data interception (e.g., passwords, credit card info) or being redirected to more malicious sites. Users have mistakenly entered credentials on fraudulent pages and lost money, access and personal data. Simply visiting such sites can expose browser or plugin vulnerabilities.

What Is an SSL Certificate? What Is HTTPS?

In essence, an SSL certificate verifies the ownership and security of a website. Other information about a website is also available such as:

• The exact domain name for the website associated with the certificate
• The entity that owns the domain
• The expiration date of the certificate
• The issuing authority that provides the certificate

The good news is that if a hacker is trying to intercept data from a website and the data is encrypted with TLS/SSL, the information will appear as unintelligible, garbled text. Encryption is the protective “wrapper” for data flowing between devices and host servers.

What the Typical Reasons for an SSL Certificate Error Message?

Here are a few typical SSL Certificate Issues:

• The Certificate is Invalid or Missing
• The Certificate Lists the Wrong Website as its Domain
• The Certificate is Expired
• There is No Certificate
• A Mismatched URL
• A Third-Party Certification Authority Did Not Issue the Certificate
• The Browser Doesn’t Recognize the Issuing Authority

In a remote-access work environment, safe web browsing is essential for a small or midsized business (SMB), which is why many business owners hire IT experts to advise them.

Do SMBs Need Professional IT Services?

A safe web browser will know how to tell if a website is safe by paying close attention to “your connection is not private” warnings. As the saying goes, time is money and IT professionals can help you make informed and cost-conscious decisions about computer network setups and how best to protect and maintain the integrity of your network. They can also ensure your system has strong network cyber security from the start.

Contact a local network IT provider that specializes in small and midsized business networks. Ask for a network assessment to determine if your system is secure and firewall settings are properly configured. For SMBs that do not have a full-time in-house IT department, managed services are the most affordable option. They provide IT services for multiple small businesses and are familiar with a wide array of systems and office productivity tools. Outsourced network service providers are familiar with SMB financial constraints and will help you find solutions within your budget.