Safari icon

Avoiding fraudulent websites

When you go to a secure webpage—for instance, to do online banking—Safari checks the site’s certificate and compares it with certificates that are known to be legitimate. If Safari doesn’t recognize the website’s certificate, or if the site doesn’t have one, Safari will let you know.

For more detailed information on how Safari works with certificates, see this topic:

How to respond to a certificate warning:

  • Click Show Certificate, and inspect the certificate for suspicious information.

    • Look for a message that says, “This certificate was signed by an untrusted issuer.” If you see this message, click Cancel, and do not go to the website.

    • Click the triangle next to the word “Details.” Check to make sure that the name and organization sections match those of the person or organization that owns the website. If anything looks unusual or is not what you expect, click Cancel, and do not go to the website.

  • If you continue to the website, double-check the address in Safari’s toolbar to confirm that it is the correct address for the page you want to visit. The address should begin with “https://,” and the name of the website should be spelled correctly. Sometimes fraudulent websites masquerade as trusted websites by changing one or two letters of the trusted website’s address.

  • Contact the administrator of the website, explaining the problem and requesting more information.

If you continue, the certificate will be stored on your computer, and this warning won’t be displayed again for this website until you quit and restart Safari. If you like, you can remove the certificate later using Keychain Access. For instructions, open Keychain Access and choose Help > Keychain Access Help.


Related Topics

Identifying secure websites

What is “phishing”?

Open

Open Keychain Access