What is HTTPS, and How Does it Protect You? How Does it Not?

We love encryption here at Best VPN Provider. But what is ‘HTTPS’ encryption all about? And what does that little lock in the address bar actually do? You know that the ‘S’ has something to do with encryption, but understanding what it does, and does not do, can really protect you online.

HTTPS is for encryption

Many people know how to look for the little lock icon in their address bar. They know that this means that their connection to whatever server hosting the website is secure. They may also know that it helps protect against ISP spying.

The last sentence is true… to some extent. For example:

• Your ISP  will be able to see that you are at HTTPS://Reddit.com.
• Your ISP will not be able to see that you are at HTTPS://Reddit.com/r/bestbooties.

This means that your ISP can still see the domain of the websites that you visit. Did you go to a porn site? They know. Are you curious and researching something like bomb making? They know. If you want to protect yourself in this scenario, the only way is to use a VPN. VPN will give you end-to-end encryption against your ISP, hackers, and most government spying eyes.

Tech companies: use this time to enable end-to-end encryption everywhere. Your future depends on making pervasive crypto a fait accompli.

— Edward Snowden (@Snowden) May 27, 2016

Another thing: using HTTPS does not mean that the websites you visit won’t be able to scam you. This is because any site on earth can absolutely use HTTPS encryption. Even HTTPS://WeStealMoney.com can use it.

What is HTTPS good for then?

You may be wondering what’s the point of HTTPS then if anyone can use it.

Know that the HTTPS protocol is meant to protect information from being monitored. Think of it as like having a phone line at home. Your phone company is not responsible for preventing robocallers from getting hold of you and scamming your credit card. What they are responsible for is making sure that your phone line is secure.

What you have to do here is make sure that you’re connecting only to legitimate websites. There is virtually no way that the entire Internet can be filtered for your protection. It is simply too big, and staying safe online is going to come down to you knowing how to take personal responsibility.

How to spot scam websites

Online scammers try everything by the book to separate you from your money and information. One of the most common scams is a website trying to do work for you when in fact, it should not. For instance, you can’t trust any message that says that you have a problem with your banking. You have to go to the bank yourself to do this.

Also, you need to look at phishing attacks. HTTPS is completely helpless in protecting you against a phishing attack. In fact, those doing a phishing attack may actually use the HTTPS protocol to trick you. The primary activity in a phishing attack is that attackers are attempting to take your passwords or credit card numbers by using some form of deceit.

Tools to use against scam websites

Use something like hpHosts if you’re unsure. This website tracks known problem websites that have hosted malware, phishing attacks, and other issues. Norton Safe Web is another alternative.

A safer way to be social! http://t.co/jAW7D9SX Download #Norton Safe Web on @Facebook App Center under “top rated apps” in Utilities:

— Norton (@Norton) August 10, 2012

You will also want to pay attention to your browser. Most browsers have some sort of pop-up warning for suspicious websites. If you ignore these pop-ups, it will be your fault for going to a website that can potentially harm you.

Not clicking suspicious links

Have you ever got an email from your supposed bank saying that you needed to click a link to fix an account freeze? That’s a scam. Your best approach here is to go directly to your bank, either online or in person, and find out what is going on.

The same goes with online shopping websites, your PayPal account, unpaid invoices, anything that involves money which you did not initiate.

Using networks you do not control

Anytime you use a network which is not your own or that of your employer, it is safe to say that you should not trust it. What is HTTPS going to do when a hacker controls your computer? Not much. This is the risk when you’re on public Wi-Fi, so you must be careful.

When you connect to an unsecured network, you must also connect to a VPN. Many of these VPNs have easy-to-use apps that make it simple for you to stay secure. They offer complete encryption that you may be missing out. They also hide everything that you’re doing online from the person who does control the network.

What is HTTPS doing for you?

The HTTPS protocol does plenty of things to protect you. It helps you on your banking website, social media, online stores, and other sensitive places. However, it does not protect you everywhere. For that, you’re going to have to start using your common sense, some good tools, and a VPN.

A final tool that you can consider using is HTTPS Everywhere. This browser extension forces websites to take you to the HTTPS version of their website. It’s not much, but it is better than nothing. After all, what is HTTPS good for if a website can choose to direct you to its unsecured version. This forces websites to do the appropriate thing, offering you more protection.