Categories: NewsSecurity

More and More Phishing Sites Use HTTPS Certificates to Appear More Legitimate

Phishing attacks have become far more common over the past few years. Unfortunately, it appears things will not get better anytime soon, as criminals are stepping up their game once again. More specifically, it appears scammers are now using the HTTPS protocol for phishing sites in an effort to win over consumers in the process. A very disturbing development that could have widespread ramifications.

Phishing Sites With HTTPS Are Very Dangerous

Consumers have become somewhat more aware of how sites are using different protocols to store and encrypt information. The HTTPS protocol is often considered to be a tool only belonging to secure websites. Any platform using HTTPS encrypts data, which should keep the information in question safe from prying eyes. Unfortunately, it appears scammers and phishers are now using this encrypted protocol as well, which causes quite a few problems.

To be more specific, a new report indicates how quite a few phishing

sites are using HTTPS encryption as well. Scammers use this tactic to make their fake website appear more legitimate. This is a clear effort to trick visitors into believing the site they are visiting is the real deal, and not a copy. In the minds of most consumers, a website using HTTPS should be trusted at all times. It is good to see the educational efforts regarding HTTPS pay off, although this also means consumers will have a difficult time distinguishing between fake and real websites when the both use HTTPS.

For most people, a site using an HTTPS connection can be trusted without question. Now that phishing sites have the same level of encryption, criminals will become more successful in their efforts to obtain information from victims. So far, Cisco Talos engineers discovered phishing sites promoting products of poor quality, offering fake technical support, and stealing banking credentials. Impersonating a popular domain and slapping an HTTPS certificate on top of it will trick the average consumer into giving up sensitive information in the end.

Related Post

Anyone visiting a phishing site with an HTTPS certificate will see it as a trusted platform. The small green lock next to the address in the browser’s address bar will show up. This is quite a problematic development that will not be as easy to solve by any means. Consumers often do not check the specific details related to the certificate in question. Instead, they will trust the platform just because it has this small green lock next to the website address.

This new threat has become quite apparent across recent phishing campaigns. The scammers send out millions of emails to people all over the world in an attempt to redirect them to a phishing website. For the victims who click these links, they will see the HTTPS certificate and assume it is a legitimate service. As we mentioned in a previous article, the issuance of these HTTPS certificates is facilitated by the Let’s Encrypt initiative. Issuing certificates free of charge without further questions asked has become a treasure trove for phishers and other scammers.

For the time being, it is evident there is no clear solution in sight. Let’s Encrypt has acknowledged the problem exists, yet they are not entirely sure how they can address this abuse. It is evident consumers need to be made aware of how just seeing the green lock does not mean the website they visit can be trusted. Raising awareness of this issue means another educational campaign needs to be organized.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx

Recent Posts

Best Crypto Presale To Buy Now: Rollblock Delivers For Holders With New License, Record Sign Ups and 7000+ Games

Rollblock is quickly becoming the best crypto presale to buy, delivering unmatched value for its…

3 hours ago

Polkadot And Uniswap Gearing For Post-Christmas Jump As Rollblock Raises $7.4 Million in Presale

While Rollblock's continues its crypto presale, with its value increasing regularly, Polkadot (DOT) and Uniswap…

4 hours ago

IntelMarkets (INTL) Receives Massive Demand From Chainlink And SUI Investors Looking To Position For The Best Bull Run Gains

As the cryptocurrency market gears up for a bull run, IntelMarkets (INTL) is attracting significant…

4 hours ago

FOMO Selling Trigger $1 Billion Liquidations as LINK & SOL Bleed Heavily; What to Do Next?

In the past, Chainlink (LINK) and Solana (SOL) have been among the most discussed altcoins…

9 hours ago

Qubetics $7.4M Presale Revolutionises Blockchain as Bitcoin and Chainlink Drive Innovation: Best Cryptos to Buy for 2025

The crypto market is abuzz with excitement as 2025 approaches. While Bitcoin continues to dominate…

15 hours ago

Best Altcoins to Buy Today: Why Qubetics’ Presale Could Be the Best Investment Opportunity of 2024

The cryptocurrency market never sleeps, and every day feels like an adventure. From household names…

21 hours ago