Hey everyone, Mike here…
The other day I tried to sign up for a subscription to our local newspaper, I’ve recently thought that local journalism is important so I thought I would support them, then this happened…
Question: Would you enter your bank details on this page?

Things that are wrong: 

  1. This page should clearly be loaded over a *secure* connection as it’s asking for bank details. It should look more like the green “https” you see at the top of this page, (grey padlock in MS Edge)
  2. The title of the page says “Subscribe to KAYAK”. I’m trying to sign up to The Mail (Formally The North West Evening Mail), while not a security problem it just looks wrong.
  3. To get to this screen I had to enter a username and password and my billing address (again all over a *Not Secure* connection).

What did I do:

  • I’ve emailed them the screenshot and my three points above (politely but firmly) saying they need to do better…

What have they done:

  • It appears they have suspended taking online orders, for now, hopefully, they are on with fixing it! I’ll update this post as I find out more!
  • They emailed me back thanking me. (also see updates below)

What should you do:

  • If you see *Not Secure* in the address bar of your web browser or you don’t see a green (or grey) padlock when being asked for details about you (name, address, email, password etc…) you should stop and contact the company and ask them to explain why.
  • You also can’t trust that the website is actually serving content from the place it claims to be from if it’s not *secure*

A secure site in Chrome

A secure site in Edge

A secure site in Firefox

Updates:

  • I tried to join via Credit Card rather than Direct Debit, this took me from a *not secure* connection to a *secure* connection, this isn’t ideal as someone could have redirected me from the *not secure* connection to anywhere they wanted. Paying by credit card failed and I got an error, but they did take money…
  • They rang me back to say it had failed, they offered to cancel that transaction and gave me one of their offers (3 months for the price of 1!)
  • They apologised for loading these screens over a not secure connection and said their IT team is working on it as it should be a secure connection, hopefully, they will fix all the problems in one go…
  • I’ll report back as soon as I know more…
  • 07 March 2018: I’ve checked the website again, it’s still not over a secure connection. 🙁

Stay Safe!
Mike 🙂