Be sure a website is genuine

Some web links, especially ones that are a part of phishing schemes, will redirect to fraudulent web pages; even when entering internet addresses into your browser by hand, you might end up at a phisher's site if the address you enter is non-secure or incomplete, or is automatically completed or redirected by your browser.

Unfortunately, when you access non-secure websites (that is, those sites whose addresses use an http:// prefix), you can do nothing to verify that you have not been redirected to a fraudulent site. However, when accessing secure sites, including most commercial, financial, and university services, you can protect yourself by making sure that the site you are visiting is actually the page you want to get to. To do this, type the entire URL, including the initial https://, into your browser.

Some services on the Indiana University network (for example, Canvas) will automatically redirect to the service if you simply enter the name of the service in the browser. While UITS and the University Information Policy Office believe that this redirection offers great convenience at minimal potential risk, if you have concerns about the safety of this practice, enter the entire URL for IU services (for example, enter https://canvas.iu.edu/ rather than just canvas), as outlined above; additionally, when bookmarking these sites, be sure to bookmark the full URL. These steps will ensure that your browser is accessing the genuine website or service you want.