"Election" hacking has never been simpler than it is today!
infosec

"Election" hacking has never been simpler than it is today!

Being a professional hacker has never been easier and more profitable than it is today. According to...
Read More
infosec

A new Android Trojan misleads users through notifications

A new Android Trojan discovered by security researchers on the Google Play Store uses false notifications to redirect their ...
Read More
infosec

Europol: Training of police officers with ....... a game!

In recent years, cryptocurrencies are a frequent target of hackers' attacks. For this reason, Europol has decided to train ...
Read More
infosec

Dark Web: Selling drugs in exchange for Bitcoins. Now prison!

We know that Dark Web is mainly used by hackers and people who are interested in doing illegal online activities. These people are using ...
Read More
infosec

Twitter: Deleting thousands of fake Iranian and Russian accounts

One of the most common means of spreading misinformation and political propaganda is social media. Twitter found, ...
Read More
Latest Posts

FBI: Hackers use secure HTTPS sites to trick users

HackersIn accordance with FBI, hackers have found a new way to deceive users by using secure HTTPS sites. Users think they enter a secure site and enter personal information, login credentials, bank information, and more. Thus, hackers gain access to this data.

Most users, when visiting a site, check whether the front of the address is the wardrobe. If present, they believe the site is legal and safe. But in reality, SSL / TLS certificates show nothing about the legitimacy of the site, just encrypt the connection between the browser and the server to prevent hackers from invading.

Hackers exploit users' trust in "https" and the padlock icon and incorporate certificates to mislead them users. So they imitate trustworthy companies and send malicious emails to their victims.

PhishLabs did a survey and came to a very worrying conclusion. The third quarter of 2018, 49% of phishing sites used SSL / TLS certificates. We are talking about an increase of 35%, compared to the second quarter of 2018.

SSL Certificates: Different Types

Extensive validation (EV): Shows the company name in the browser address bar.

Organization Validated (OV): This is a very reliable certificate, which hackers can hardly get. This type of certificate certifies ownership of the domain and the organization's information.

Domain validation (DV): This certificate is easy to get. If someone proves ownership of the domain, authorities like Let's Encrypt provide it for free. Hackers usually take advantage of this type of certificate.

Hackers acquire the certificates and use them to mislead users and make them download malicious programs.

Certificate Transparency attempts to address these threats. It helps to better supervise and speed up the detection of any suspicious activity.

It's good not to rely solely on the HTTPS and the padlock icon. If we want to check the legitimacy of a site, we can use online page scanners.

Hackers are using increasingly sophisticated methods to trick and infect our systems with malicious programs. That is why we all need to be very careful check the sites before we open them.

Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *