Donation being made on https secure site but unencrypted.

[Mrs. Doyle]

I was making a donation yesterday to a charity on their chosen website and checked before inputting card information that the link was https. Coming towards the end of the transaction a pop-up message appeared saying 'this page is unencrypted and may be viewed by a third party' I immediately cleared all the information and understood I had cancelled the transaction.

Checking my bank account this morning the transaction is pending. I have cancelled my card but just wondering how serious the risk would have been?

 

[Jim2007]

People get very excited about this, but in reality it does not make a whole heap of a difference! HTTPS simply means that the data transmitted between your browser and their server is encrypted, so that anyone 'listening' to the traffic will not be able to read it and get your details.

But here is the think I've never ever heard of any hacker doing this - given the massive volume of traffic flying around the network at any given moment it would be a very difficult exercise to start capturing and processing it, especially since there are much easier ways of doing this! Either capture the data before it leaves your machine or after it arrives at the server and has been decrypted. So hackers usually do one of four things - put malware on your PC to capture your details before it is transmitted, put malware on the server, break into the server and steal the database or simply direct you to one of their sites! I would not get too excited at all about HTTPs or the lack of it.