Categories: NewsSecurity

More and More Phishing Sites Use HTTPS Certificates to Appear More Legitimate

Phishing attacks have become far more common over the past few years. Unfortunately, it appears things will not get better anytime soon, as criminals are stepping up their game once again. More specifically, it appears scammers are now using the HTTPS protocol for phishing sites in an effort to win over consumers in the process. A very disturbing development that could have widespread ramifications.

Phishing Sites With HTTPS Are Very Dangerous

Consumers have become somewhat more aware of how sites are using different protocols to store and encrypt information. The HTTPS protocol is often considered to be a tool only belonging to secure websites. Any platform using HTTPS encrypts data, which should keep the information in question safe from prying eyes. Unfortunately, it appears scammers and phishers are now using this encrypted protocol as well, which causes quite a few problems.

To be more specific, a new report indicates how quite a few phishing

sites are using HTTPS encryption as well. Scammers use this tactic to make their fake website appear more legitimate. This is a clear effort to trick visitors into believing the site they are visiting is the real deal, and not a copy. In the minds of most consumers, a website using HTTPS should be trusted at all times. It is good to see the educational efforts regarding HTTPS pay off, although this also means consumers will have a difficult time distinguishing between fake and real websites when the both use HTTPS.

For most people, a site using an HTTPS connection can be trusted without question. Now that phishing sites have the same level of encryption, criminals will become more successful in their efforts to obtain information from victims. So far, Cisco Talos engineers discovered phishing sites promoting products of poor quality, offering fake technical support, and stealing banking credentials. Impersonating a popular domain and slapping an HTTPS certificate on top of it will trick the average consumer into giving up sensitive information in the end.

Related Post

Anyone visiting a phishing site with an HTTPS certificate will see it as a trusted platform. The small green lock next to the address in the browser’s address bar will show up. This is quite a problematic development that will not be as easy to solve by any means. Consumers often do not check the specific details related to the certificate in question. Instead, they will trust the platform just because it has this small green lock next to the website address.

This new threat has become quite apparent across recent phishing campaigns. The scammers send out millions of emails to people all over the world in an attempt to redirect them to a phishing website. For the victims who click these links, they will see the HTTPS certificate and assume it is a legitimate service. As we mentioned in a previous article, the issuance of these HTTPS certificates is facilitated by the Let’s Encrypt initiative. Issuing certificates free of charge without further questions asked has become a treasure trove for phishers and other scammers.

For the time being, it is evident there is no clear solution in sight. Let’s Encrypt has acknowledged the problem exists, yet they are not entirely sure how they can address this abuse. It is evident consumers need to be made aware of how just seeing the green lock does not mean the website they visit can be trusted. Raising awareness of this issue means another educational campaign needs to be organized.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx

Recent Posts

Altcoin Alert: Crypto Market Cap Breaches Key Level Hinting at an 8000x Rally for this Shiba Inu Killer

Shiba Inu (SHIB) gave enormous returns in 2021, making many early holders millionaires. After the…

2 hours ago

XRP Crash? XRP Falls Below $0.5 Resistance Level as Next Gen Altcoin JetBolt Takes Over

Spooky season might be over but doom is still looming as Ripple’s XRP falls below…

5 hours ago

This New Exchange Token Is Poised for a Price Surge Alongside Cardano and Avalanche – Analysts Predict Huge Gains This November

Three promising altcoins are causing a stir among investors this November: Avalanche (AVAX), Cardano (ADA),…

5 hours ago

With Dogecoin Dipping and TRON Holding, Is Lunex the Hottest Crypto Now?  

Everyone knows what the hottest crypto can do. When it was so hot it was…

5 hours ago

Tron Fees To Be Cut In Half Through Proposal 95, Cutoshi Surpasses $600k As TRX Investors Join CUTO Presale

The Tron network has witnessed incredible growth in several areas, especially in its adoption, which…

7 hours ago

$Pepe Whale Sell-Off And Fund Transfers Stir Volatility In Meme Coin Market

Recently, major $PEPE holder Flow Traders transferred 520 billion $PEPE tokens—worth approximately $4.73 million—from address…

15 hours ago