According to this engadget article, an anti-phishing company called PhishLabs has found that almost 50% of phishing sites are now using SSL encryption on their sites. Although they are now encrypted traffic they are still stealing information from you! Any now that they are using SSL, some browser pop ups won’t alert you as much that there’s something wrong with this site (IE not using SSL). This also will show the padlock in your browser giving the user a false sense of security. They mention in the article, phishing sites using SSL as been trending upwards over the past few years. I can definitely see in the future most if not all phishing sites will do this all the time. It’s a few extra dollars to get SSL certs, but completely worth it to them if they get to steal valid credentials and personally identifiable information.
https://www.engadget.com/2018/11/26/half-of-phishing-sites-now-show-as-secure/
Leave a Reply
You must be logged in to post a comment.