In which I gave mediocre Cyber Monday advice
I had a fun opportunity to speak to Nathalie Vera of KCOY/KEYT news about Cyber Monday scams and what you can do to avoid them.
One of the things that may have gotten lost in my advice, however, is that it's simply not enough for your browser to show a "closed lock" icon. At least one recent report shows that as many as a third of phishing sites are now using HTTPS/TLS (the technologies that make the locked in your browser "closed."). This means, in addition to the "closed locked," we must also check that the domain name/URL (e.g. amazon.com) shown by your browser matches the site you intended to visit. Only then can you know that your information is both being kept confidential (lock is closed) and being sent to the intended recipient (name matches). A small, but important distinction!