To improve security, browsers such as Google Chrome, Mozilla Firefox and Microsoft Edge introduced the well-known "closed padlock" in their navigation bar. This padlock is how browsers have chosen to visually indicate that the accessed site uses secure communication with the HTTPS protocol.
HTTPS is the secure version of the HTTP communication protocol used on websites. The cryptographic certificate used with HTTPS indicates who is in charge of that page's security. HTTPS guarantees that the accessed site and that indicated on the cryptographic certificate are the same, while also encrypting all communication between you and the website (i.e., between the access browser and the site server). If you need to enter your access password on any web page, it is essential to observe the use of HTTPS. It will ensure that the password will be communicated secretly and securely over the Internet to the system of the site you are trying to access. However, HTTPS is not just important when you need to send information to a website. Ideally, this more secure version of communication should always be used. Most modern browsers even show a red-crossed padlock or a very clear expression, such as “not secure,” to warn users that the site uses HTTP.
In addition to checking HTTPS and the padlock, it is also very important to verify the address accessed. Site names (URLs) similar to the original ones are often used maliciously on the Internet and if you are accessing the wrong site, a closed padlock will not protect you! Also verify the name of the site (URL).
People with bad intentions can try to steal your login credentials by creating fake websites that are very similar to the real ones. However, the fake site will not have the correct information linked to the padlock, or will have an "open padlock," indicating that communication is not secure. Be careful not to be duped by scams and access fake websites! Before entering any password or other sensitive information, such as your credit card number, make sure that the site uses HTTPS (with the “locked padlock") and that the information associated with the padlock is consistent, i.e., whether the site address is correct, and whether the responsible entity is really the expected institution (such as a bank, an online store, or a government institution).
For more information:
https://cartilha.cert.br/fasciculos/#banco-via-internet (portuguese only)
https://cartilha.cert.br/fasciculos/#comercio-eletronico (portuguese only)
https://cartilha.cert.br/livro/ (portuguese only)
The first scene shows a hand typing the name of a bank website on a laptop. In this scene, the following phrase appears: "Going to browse the Internet?"
In the second scene, the hand grabs a magnifying glass and places it on the URL browser, zooming in and showing a padlock icon. In this scene, the following phrase appears: "Check for a closed padlock."
In the third scene, a man appears beside the laptop that has a safe URL on the screen (with a closed padlock) and another that is not safe (without the padlock). In this scene, the following phrases appear: "It protects your browsing" and "If there is no padlock, it could be a scam!"
Companies and organizations interested in participating can become partners in this initiative, adding their logo to a customized version of the videos, which can be published on their website or on other channels. Send us an e-mail email@example.com to request the application of your company or entity's logo to our videos.