view certificate

Virus & Spyware

Virus & Spyware
Perspectives on PC security, including antivirus, anti-spyware and firewall solutions.

view certificate

This question is answered

Every so often i get pop up message that says- The name on the security certificate is invalaid or does not match the name on the site. do i want to proceed? Is this legitement or is malware?

Verified Answer
  • The message itself is legitimate.

    Secure websites are issued a "security certificate".   When you attempt to go to a secure site, the site's certificate is checked to make sure it's valid:   the certificate must be current [not expired, and not revoked], and the site's name must match up.   When something doesn't check-out completely, you get a warning message.

    HOW to proceed is not as clear.   If the message is that the certificate has expired RECENTLY [i.e., the past day or so], it's likely just because the company didn't renew it yet.   In such a case, you can probably ignore the message and proceed.

    In your case, it's saying the names don't match up.   You need to be a bit more careful here:

    Example:   Say you're visiting the CitiGroup site, and its subsidiaries.   From there, you try to access CitiBank, and get a certificate warning.   You need to check the details to see what the non-matching name is on the certificate.   In this example, if the certificate was issued to CitiGroup (the legitmate "parent" company) while you're trying to access CitiBank, then it would be safe to continue.   But if the certificate had some other name on it, then you'd have to determine whether its legitimate [related], or whether you've reached a "spoofed" site that's trying to trap you.

    Hopefully, with this in mind, you'll be able examine the certificate's details, and decide for yourself.   If you decide the page is legitimate, and this warning happens regularly there, you might want to contact the company, report it, and hope they'll update things.

    Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware

    Windows 7 Pro SP1 (64-bit), avast! v8 Free, MBAM Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, EMET+MBAE, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, IE11 & Firefox (both using WOT [set to BLOCK]; KeyScrambler for IE), CryptoPrevent, Secunia PSI.

    [I believe computer-users who sandbox (Sandboxie) are acting prudently.]

All Replies
  • The message itself is legitimate.

    Secure websites are issued a "security certificate".   When you attempt to go to a secure site, the site's certificate is checked to make sure it's valid:   the certificate must be current [not expired, and not revoked], and the site's name must match up.   When something doesn't check-out completely, you get a warning message.

    HOW to proceed is not as clear.   If the message is that the certificate has expired RECENTLY [i.e., the past day or so], it's likely just because the company didn't renew it yet.   In such a case, you can probably ignore the message and proceed.

    In your case, it's saying the names don't match up.   You need to be a bit more careful here:

    Example:   Say you're visiting the CitiGroup site, and its subsidiaries.   From there, you try to access CitiBank, and get a certificate warning.   You need to check the details to see what the non-matching name is on the certificate.   In this example, if the certificate was issued to CitiGroup (the legitmate "parent" company) while you're trying to access CitiBank, then it would be safe to continue.   But if the certificate had some other name on it, then you'd have to determine whether its legitimate [related], or whether you've reached a "spoofed" site that's trying to trap you.

    Hopefully, with this in mind, you'll be able examine the certificate's details, and decide for yourself.   If you decide the page is legitimate, and this warning happens regularly there, you might want to contact the company, report it, and hope they'll update things.

    Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware

    Windows 7 Pro SP1 (64-bit), avast! v8 Free, MBAM Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, EMET+MBAE, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, IE11 & Firefox (both using WOT [set to BLOCK]; KeyScrambler for IE), CryptoPrevent, Secunia PSI.

    [I believe computer-users who sandbox (Sandboxie) are acting prudently.]