How the S in HTTPS protects you online

SALT LAKE CITY — What makes you feel secure — a locked front door? An armed home alarm system? An attack cat? How about the letter S?

The URLs of most websites you go to start with HTTP or HTTPS. And that S is important.

"That S indicates that it's a secured encrypted website to protect your information," said David Nuti, a senior vice president at Nord Security.

Nuti said whenever he shops online – or just surfs the web – he always looks for that S in the website's URL.

So does Michael Bruemmer, a vice president at Experian and head of its Global Data Breach Resolution. He said that S means more than it used to.

"The technology, specifically for the HTTPS, has gone up from 128-bit encryption to 256-bit encryption," he said.

That level of encryption jumbles up all your bank and payment information as it's transmitted between your computer and the retailer's server. A hacker who intercepts that data can't read it without a very hard-to-guess key.

And while the S can keep hackers out, it doesn't help if you are duped into just sending them your money or identity, and that happens a lot.

Of the 2.4 million fraud reports filed with the Federal Trade Commission last year, online shopping scams ranked second highest.

At the risk of making this story sound like a commercial for big and familiar brand retailers, Bruemmer's advice when shopping online?

"I would always use a name-brand website when you're shopping online or going to do any financial transactions," he said.

And be on the lookout for more than just the S in a website's URL. Crooks love to create spoof websites that make you think you're shopping with one of the big boys, Nuti said.

"They create a replica of the site to get you to purchase something, provide all of your purchasing information," he warned.

According to the FTC, losses to bad guys posing as businesses soared to $660 million last year — more than triple the amount just two years ago.

Related topics