Buying securely on Vraiment Beau (and elsewhere!)

Our site is 100% secure, and so are the payment partners we work with (Sogecommerce and PayPal). This means that you can check at any time that you are browsing our pages or those of our payment partners.

We recommend these checks especially if you follow a link provided in an email!

Please read below to understand how you can exercise these checks (note: these instructions are valid for all secure sites, not just ours!).

Site addresses

Four checks will help you make sure that the page you see in your browser is authentic:

  1. Check that the address in the browser bar (called URL) is authentic. for our site, it must start with “” (that’s the “domain name”). For Sogecommerce payment pages, this URL will be ““; and for PayPal payment pages, “” If you click on these addresses in the browser bar, you will see a “https://” added before this URL: this is normal.
  2. Check the integrity of the domain name, this is where hackers often try to fool you:
    • “” and “” are valid: in both cases, the domain name is “,”. “/your-order” (or /vb_blog/post.php?post-2085) signals a page on the site.
    • The dash between the words is taken into account in the domain name: “” or “” are therefore specific domain names and would indicate different sites from
    • On the other hand, in “” (the sogecommerce payment site of the Société Générale), the domain name is “”, and “sogecommerce” is what is called a “sub-domain” of “”, which points to a “sub”-site of the Société Générale. So the domains “” and “” with a dash as a separation instead of a point, would point to different (and probably fraudulent) sites!
    • Also beware of geographical extension: the “” or “” domains are different sites from “” and “”. It just means that someone has “bought” the domain “vraimentbeau” with the extension “.eu” (Europe), and the domain “PayPal” with the extension “.org” (it is impossible to secure a domain for every extension imaginable!).
    • And “” would be the “vraimentbeau” sub-domain of the “fr” domain, with the “.com” extension. Another site (although “” is the extension for the UK and “” for Brazil !).
  3. Then check that a padlock appears to the left of this address. The padlock announces a secure connection (called SSL), encrypted, and validated by a “certification authority” (the organisation that issues the certificate).
  4. Click on the padlock, a window (see below) appears that confirms the “domain name” that is certified by the padlock. Make sure that this domain name matches the one mentioned at the first point! For the strictest certificates, the window – or the one that opens when you click the “Show the Certificate” button – also mentions the name of the company that operates the site (in our case, “Vraiment Beau SAS”).
Examples of certificate verification
Check the authenticity of the Vraiment Beau, Sogecommerce and PayPal pages

If you have any doubts, call us using a phone number you have already used with us (01 45 20 60 00 ), or the number you will find on our site by typing our URL into your browser ( Don’t use a phone number provided by the page that you think is suspicious!

Please note that no page on our site will ask for your number and credit card code: all our payments are systematically entrusted to Sogecommerce and PayPal.

Finally, do not entrust your codes to anyone who calls you on behalf of a merchant, without knowing that merchant and having verified the identity of the person calling you. Do remember that the pirate may have accessed your mail box, and know the history of your exchanges with that merchant. The only way to do this check properly is to call the merchant in question on a phone number that you found independently, and ask to speak to the person who called you.


You certainly receive many spam emails. Remember that the name (or address) that appears naturally in your email software, does not mean anything: it is programmed by the sender of the message.

To see the “real” address of the sender, you need to click in your email software, on the name of the sender that appears at the top of the message. The part after the “@” (arobase) is the domain name of the sender, which must be analysed according to the same rules as the domains of the sites (often, they are the same).

I received a message from “” telling me that I need to download a letter. If I go to the website of the Société Générale in France, I see that their site is “”. So (see above) the domain name is “,” and “individuals” is a “under” domain name that points to a “sub-site”. But beware, this name does not mean anything ! Before I click to read the letter, I click at the top of the email on the name of the sender “” and I see that the address of the sender is “”. It is a scam: do not click and delete this message!

I also received a message from “Flying Blue.” When I click on the name “Flying Blue,” I see that the address of the transmitter is “”. This is highly suspicious, I would have expected to see this mail coming from the domain (the one of the Flying Blue site), or the domain (the one of Air France), so something like “”, “”, or “”. So I will never entrust my codes to this site before checking very very closely (the email comes from Flying Blue, which suggests a superficial understanding of the rules described above).

* * *

These rules apply to all sites. We hope that they will help you to see a little more clearly on how to manage security, and thus avoid the more common pitfalls of the internet!

*  *  *

You can find in the following pages, more information on Vraiment Beau:

We are in constant discussions with our suppliers, to stay ahead of the game. We share our experience in our Guide pages.

You can also come back to our catalogue of products, with its different categories or explore our luxury brands.