The number of HTTPS phishing websites has increased since January. Since browsers have started alerting users when they access pages that do not use HTTPS.
The certificate authorities have issued thousands of SSL certificates for domain names clearly meant for use in phishing and scam. Scammers or Phishers usually use Let’s Encrypt and Comodo domain-validated certificates for phishing sites.
Netcraft (internet service) announced on Wednesday that the proportion of phishing sites using HTTPS increased from about 5% to 15%.
“If the new browser behaviour has driven this change — and the timing suggests it might have — then it may have also had the unintended side effect of increasing the efficacy of some phishing sites,” explained Netcraft’s Paul Mutton. “Phishing sites that now use HTTPS and valid third-party certificates can appear more legitimate, and therefore increase the likelihood of snaring a victim.”
“Another plausible hypothesis is that many legitimate websites have migrated to HTTPS in response to the new behaviour in Firefox and Chrome. Phishing sites are often hosted on compromised websites, and so this would naturally cause the number of HTTPS phishing sites to increase accordingly; or it could be that some fraudsters are now targeting HTTPS websites in preference to HTTP sites.” continues the analysis.
Netcraft has blocked phishing (scams) attacks on more than 47,500 sites with a valid SSL certificate between 1st January and 31st March 2017.
Hackers are always trying to find clever methods to phish users.
