According to the FBI, hackers have found a new way to deceive users by using secure HTTPS sites. Users think they are visiting a secure site and enter personal information, login credentials, bank information, and more. Thus, hackers gain access to this data.
Most users, when visiting a site, check whether the padlock is at the front of the address. If it is present, they believe the site is legitimate and safe. But in reality, SSL/TLS certificates show nothing about the legitimacy of the site; they just encrypt the connection between the browser and the server to prevent hackers from intruding on it.
Hackers exploit users' trust in "https" and the padlock icon and use certificates to mislead users. So they imitate trustworthy companies and send malicious emails to their victims.
PhishLabs did a survey and came to a very worrying conclusion. In the third quarter of 2018, 49% of phishing sites used SSL/TLS certificates. We are talking about an increase of 35%, compared to the second quarter of 2018.
SSL Certificates: Different Types
Extended Validation (EV): Shows the company name in the browser address bar.
Organization Validated (OV): This is a very reliable certificate, which hackers can hardly get. This type of certificate certifies ownership of the domain and the organization's information.
Domain Validation (DV): This certificate is easy to get. If someone proves ownership of the domain, authorities like Let's Encrypt provide it for free. Hackers usually take advantage of this type of certificate.
Hackers acquire the certificates and use them to mislead users and make them download malicious programs.
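The difference between the three certificate types, as an added example that is not part of the original article: it reads a certificate subject in the form returned by Python's ssl.SSLSocket.getpeercert() and reports whether any organization identity was validated. Classifying by subject fields is a heuristic assumed here, and the sample certificates and hostnames are constructed.

```python
import socket
import ssl

# Heuristic (assumption of this example): the authoritative signal is the
# certificate policy OID, which the standard library does not expose.
EV_FIELDS = {"businessCategory", "serialNumber", "jurisdictionCountryName"}


def fetch_cert(host, port=443, timeout=5):
    """Fetch and validate a live site's certificate (needs network access)."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()


def subject_fields(cert):
    """Flatten the nested RDN tuples of cert['subject'] into a dict."""
    return {name: value for rdn in cert.get("subject", ()) for name, value in rdn}


def validation_level(cert):
    """Return 'DV', 'OV' or 'EV' from the identity fields in the subject."""
    fields = subject_fields(cert)
    if "organizationName" not in fields:
        return "DV"  # only control of the domain was proven
    if EV_FIELDS.issubset(fields):
        return "EV"  # organization plus registration details
    return "OV"


def describe(cert):
    """One-line summary: hostname, level, and who (if anyone) was verified."""
    fields = subject_fields(cert)
    who = fields.get("organizationName", "no verified organization")
    return f"{fields.get('commonName', '?')}: {validation_level(cert)} ({who})"


# Constructed sample subjects (not real sites or companies).
DV_CERT = {"subject": ((("commonName", "login.example-bank.test"),),)}
OV_CERT = {"subject": ((("organizationName", "Example Bank Inc."),),
                       (("commonName", "www.example.test"),))}
EV_CERT = {"subject": ((("jurisdictionCountryName", "US"),),
                       (("businessCategory", "Private Organization"),),
                       (("serialNumber", "0000000"),),
                       (("organizationName", "Example Bank Inc."),),
                       (("commonName", "secure.example.test"),))}
```

The DV sample gets a padlock in the browser just like the other two, yet its subject names no organization at all.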
Certificate Transparency attempts to address these threats. It improves oversight and speeds up the detection of any suspicious activity.
It's good not to rely solely on HTTPS and the padlock icon. If we want to check the legitimacy of a site, we can use online page scanners.
Hackers are using increasingly sophisticated methods to trick us and infect our systems with malicious programs. That is why we all need to be very careful and check sites before we open them.