The recent spate of fraud on the Internet, such as the PayPal "authorisation" stings and "fake escrow" scams has highlighted the importance of legitimate SSL digital certificates in the online marketplace.

In the case of the PayPal incident, an authentic-looking website was set up at www.paypalauthorization.com by fraudsters who then randomly spammed as many Internet users as they could with a forged PayPal message.

The email, designed to look like an official message, urged users to re-enter their details, including their credit card numbers, at the phoney site. A lot of PayPal users who received the email fell for the scam.

Daniel Lewkovitz, a data security consultant with CMG, says that consumers must exercise a degree of caution prior to engaging in a trust-based relationship on the Internet.

"Consumers must look for classic warning signs such as bad grammar or spelling, or references to a non-existing or dubious prior relationship," he said.

Newer scams, such as criminals setting up fake escrow services and luring online auction customers into sending large sums of money to the fraudulent services are getting more and more sophisticated.

They can be quite difficult to spot, and may have a SSL certificate, making them appear to be a legitimate and secure site. Simply looking to make sure that the "secure padlock" pops up in your browser may not be enough anymore.

Gregg Rowley, Managing Director of Verisign Australia, says that checking digital certificates themselves, and their origins, is a good idea.

"Clicking on the lock to view the certificate is a good idea, as is checking to make sure that the certificate itself has been issued by a reputable certificate issuer," he said.

In this way the certificate, which can be viewed by double-clicking the padlock icon that appears in the bottom right corner of most browsers, acts as a reference. The certificate issuer is verifying the site as being legitimate, so taking into account the reputation of the issuer themselves is a good idea.

Lewkovitz equates doing business online to doing business with someone you meet on the street.

"If someone comes up to me on the street and wants to sell me a VCR I'd naturally be suspicious. Dealing with unknown parties on the Internet is no different".

"Scams and the con-artists who perpetrate these types of scams have been around for hundreds of years, and while the motivations and the intent behind them remain unchanged, the technology and the modus operandi advances daily." he said.

Copyright © 2009 CBS Interactive, a CBS Company. All Rights Reserved.
ZDNET is a registered service mark of CBS Interactive. ZDNET Logo is a service mark of CBS Interactive.