Safari 6/7 (Mavericks): Identify secure websites and avoid fraud
When you visit an encrypted webpage—for instance, to do online banking—Safari checks if the website’s certificate is legitimate. If it’s not, Safari displays a warning message.
Safari also warns you if you visit a suspected phishing website. Phishing is a fraudulent attempt to steal your personal information, such as user names, passwords, and other account information. A fraudulent website masquerades as a legitimate one, such as a bank, financial institution, or email service provider.
Look for an Encryption button
An Encryption button at the left end of the address and search field indicates that the website uses the HTTPS protocol, has a digital identity certificate, and encrypts information. To view the website’s certificate, click the button.
- A gray button indicates a standard certificate.
- A green button indicates an EV certificate (more extensive identity verification), and shows the name of the EV certificate owner.
Use an encrypted connection
If you don’t see an Encryption button, go back to the page where you logged in and check for a link to an encrypted login. If available, use it, even if you don’t plan to view private information.
Respond to a certificate warning
- Click Show Certificate, then check the certificate.
If you see a message that the certificate isn’t trusted, or was signed by an untrusted issuer, or the name and organization aren’t the same as the website owner, click Cancel.
If you continue to the website, verify the address in the Safari toolbar to confirm it’s correct. Some fraudulent websites masquerade as trusted websites by changing one or two letters of the website address.
- Contact the administrator of the website.
If you continued, the certificate is stored on your computer. To change the certificate’s trust settings later, use Keychain Access.