**This is a guest article by an author who wishes to remain anon. Unlike you, this person got off his ass and earned some $$ writing about what he loves. He has accomplished something with his life, he has written for MrCracker.com . What have you done? Click Here to start.**
For secure online transactions, a form of encryption is used called Secure Sockets Layer (SSL). SSL is an Internet security protocol used by Internet browsers and Web servers to transmit sensitive information, or, in simple terms, a secure method of communication between an Internet browser (user) and web server (website).
Firstly, to identify secure pages that are using SSL, check the URL. https://www.domain.com is secure while http://www.domain.com is not. Remember HTTPS and there’s also a padlock symbol at the bottom of the page or at the address bar.
SSL uses certificate authorities. The certificate authority acts as a middleman that both computers trust. It confirms that each computer is in fact who it says it is, and then creates an encrypted session or communication between the two computers. Once the session is finished, the certificate authority used for that session is discarded. Any additional sessions will require a new certificate authority.
Since nothing in this world is perfect, there is always someone (hackers) out there trying to bypass the encrypted session, whether to get small information or totally destroy the encrypted session. They do this by primarily attacking the insecure part of the system – http, through phishing or fake web pages since most users do not directly access the secure page. This is also somewhat caused by the user. Most users do not notice that there is no letter ‘s’ after http or they just notice the padlock symbol. Another cause of phishing is Internet browsers themselves, despite their capabilities of identifying fake web pages.
However, this doesn’t mean that SSL is totally unreliable. You can overcome its weaknesses by ensuring that the URL has HTTPS. And if you have the budget, you can purchase antivirus software or (Total security) software that doesn’t only protect your computer against virus, Trojan, worm and other malicious software, but also against phishing attacks. There are even some products that can be integrated with your Internet browser, which gives you an additional defense against phishing attacks.”"