Security Tip of the Week – HTTPS URLs Are Not Always Secure

Why You Shouldn’t Trust the Lock Icon: The Hidden Risks Behind HTTPS

When signing in to a website such as Facebook or Amazon, have you ever seen the beginning of the URL change from “HTTP” to “HTTPS”? How about a small lock icon at the top of your browser? The “S” in “HTTPS” stands for “secure” and indicates that your web browser is accessing the website through a secure connection that no one else can access. The lock icon also indicates that the website is secured with a digital certificate.

However, a website is not necessarily secure just because “HTTPS” is included in the URL. A website using HTTPS can be safer than a website using HTTP, but cybercriminals can get HTTPS certificates, too. Cybercriminals often use HTTPS URLs to trick unsuspecting victims into clicking phishing links.

HTTPS websites can offer a false sense of security, so you may be tempted to automatically trust them. However, it’s important to remember that even legitimate HTTPS websites may have vulnerabilities that cybercriminals can exploit. You should never rely on an HTTPS URL or even the lock icon at the top of your browser for security.

Tips to Stay Safe

Follow the tips below to make sure the website you’re visiting is secure:

Watch out for misspelled domains. For example, a link may contain the word “Annazon” instead of “Amazon.” Some misspellings are easier to catch than others, so make sure to look closely!
If you receive a login link through email or text message that you weren’t expecting, don’t click it. Cybercriminals can send you malicious links that look legitimate. Always navigate directly to the website.
Remember to look for the “S” in “HTTPS” before you enter any sensitive information into a web browser. Even then, remain cautious.

Stop. Look. Think. And don’t be fooled.

Tips of the Week Brought to You By Our Partners at KnowBe4

KnowBe4 is the world’s most popular integrated platform for awareness training combined with simulated phishing attacks. Let Keller Schroeder show you how KnowBe4 has helped thousands of organizations just like yours manage the continuing problem of social engineering. Contact us today to learn more.

Join Our Mailing List

What Does a Trusted Advisor Role Provide?

Build lasting, trusted advisor relationships through expert software solutions, cross-industry experience, and a commitment to integrity, client success, and long-term impact.

Integrating Penetration Testing into Your Security Strategy

Penetration testing is essential for cyber resilience and helps identify vulnerabilities, reduces risk, and supports compliance.

Security Tip of the Week – Don’t Invest in Social Media Hijacking

More than half of the world’s population uses at least one social media platform. Users can post to Facebook, Instagram, and Snapchat for followers to see. When a friend, family member, or influencer posts to social media, do you ever question whether they actually created the post?

Security Tip of the Week – Deepfake, Deep Trouble

Cybercriminals Use AI to Pose as U.S. Officials in New Text and Voice Scam

Security Tip of the Week – HTTPS URLs Are Not Always Secure

Why You Shouldn’t Trust the Lock Icon: The Hidden Risks Behind HTTPS

Tips to Stay Safe

Tips of the Week Brought to You By Our Partners at KnowBe4

Share:

Join Our Mailing List

More Posts

What Does a Trusted Advisor Role Provide?

Integrating Penetration Testing into Your Security Strategy

Security Tip of the Week – Deepfake, Deep Trouble

ABOUT KELLER SCHROEDER

OUR CREDO

cONTACT uS

WORKING HOURS

Ⓒ 2025, Keller Schroeder | An Employee-Owned Company Founded in 1978

About Keller Schroeder

Core Business Units

Company Culture

Locations

Contact Us