Avoiding fraudulent websites

When you go to a secure webpage—for instance, to do online banking—Safari checks the site’s certificate and compares it with certificates that are known to be legitimate. If Safari doesn’t recognize the website’s certificate, or if the site doesn’t have one, Safari will let you know.

For more detailed information on how Safari works with certificates, see this topic:

How to respond to a certificate warning:

  • Click Show Certificate, and inspect the certificate for suspicious information.

    • Look for a message that says, “This certificate was signed by an untrusted issuer.” If you see this message, click Cancel, and do not go to the website.

    • Click the Details tab. Check to make sure that the name and organization sections match those of the person or organization that owns the website. If anything looks unusual or is not what you expect, click Cancel, and do not go to the website.

  • If you continue to the website, double-check the address in Safari’s toolbar to confirm that it is the correct address for the page you want to visit. The address should begin with “https://,” and the name of the website should be spelled correctly. Sometimes fraudulent websites masquerade as trusted websites by changing one or two letters of the trusted website’s address.

  • Contact the administrator of the website, explaining the problem and requesting more information.

If you continue, the certificate will be stored on your computer, and this warning won’t be displayed again for this website until you quit and restart Safari. You can remove the certificate later. To view and manage certificates, choose Start > Control Panel, click Internet Options, and then click the Content tab.


Avoiding fraudulent websites