As we browse the internet we are seeing more security warnings that suggest that you do not continue to the desired web site, these warning typically relate to the security certificate that the site uses and the errors could indicate that the site has been hijacked or simply that the legitimate site has an error on the certificate. Sites that are secured by a security certificate start with https:\\.
Lets look at a site that currently has an issue with it’s security certificate: www.reint.com.au
if you navigate to this site you will firstly see a warning (in this example we are using Internet Explorer)
Click More information
What does this mean?
What more information tells us is that the web site address www.reint.com.au is NOT the address registered on the sites security certificate. This could very well mean that the web site has been hijacked in most cases and you should not proceed to the web site. In this case if the site requires user login then a hijacked web site could be harvesting your login details.
In this case we have already contacted the owner of REINT and we know that the person responsible for raising security certificates has made an error and listed the web site as reint.com.au (missing www).
Always check for certificate errors
Notice that to the right of the address bar you can see certificate error , errors shown here should not be ignored and we certainly recommend that you do not login to any site while certificate errors exist.
If we click on the “certificate error” warning we see more details:
The above details confirms that the address listed on the security certificate does not match the address that you navigated to.
Let’s view the certificate:
We are browsing www.reint.com.au but certificate is valid for reint.com.au only.
The certificate does indeed show that the website will only pass browser validation for reint.com.au and not for www.reint.com.au, while we know that this site is legitimate, visitors are not normally in a position to communicate directly with an organisation to confirm and we can only recommend that you do not login or download anything for sites that have certificate errors.
For owners of web sites that have security certificate issues, all search engine providers such as Google and Bing will drop search results and your ranking will quickly drop. It is also important for other sites that link to your site, known as external links, on the external site links with certificate issues can be flagged as broken links, and web masters don’t want broken links on their sites.
REINT web site has since fixed the SSL certificate issues and launched a new web site.
RT @ChaunceyGardner I'm here with Alex and other experts in Warsaw for a workshop on drug & tobacco harm reduction. Both have unfounded gateway claims; massive user stigma; claims of "just switching one addiction for another"; and moralizing prohibitionists pushing policies that increase harm... twitter.com/AlexWoda…