Half of the phishing websites have HTTPS and a green padlock

Others



[ad_1]

392




  2. Half of the phishing websites use HTTPS and …

When we visit a Web page in which we have to present our powers, The first thing we do is to look for the padlock or the https in the URL. However, a new survey on PhishLabs showed that this advice was no longer useful, since 49% of phishing pages that attempt to steal your data have the green padlock and HTTPS in the URL.

49% of phishing sites are HTTPS

Last year only 35% of phishing websites were in HTTPSbut this year the figure has increased to 49%. The hackers know what users see in a URL, and for that reason, they try to give it the most legitimate appearance possible, since HTTP Web now appears as "unsecured". In the investigation conducted by the company, the 80% of users believed that the fact that a website had the The green padlock implied that it was real and safe.

As we know, HTTPS only indicates that data transmitted between the browser and the Web is encrypted using Secure Sockets Layer (SSL). However, once arrived at their destination, they can be deciphered. Some URLs are directly false in short, with domains starting with "Xn" (known under the name of punycode). However, others seem so real that they use very similar URLs.

An HTTP Web site is not secure, but an HTTPS protocol may also not be.

In Chrome, punycode pages are flagged as unsecured fast enough. This is the case of Bibox, a crypto-currency exchange portal. A fake website that tries to borrow the identity of the domain bỉbox.com / login, but actually redirects to https: //www.xn--bbox-vw5a[.]com / login, which is a false domain and they mark it as such Chrome and Firefox.

unsafe chrome website "width =" 715 "height =" 374 "srcset =" https://www.adslzone.net/app/uploads/2018/11/sitio-web-inseguro-chrome-715x374.jpg 715w, https: //www.adslzone.net/app/uploads/2018/11/sitio-web-inseguro-chrome-400x209.jpg 400w, https://www.adslzone.net/app/uploads/2018/11/sitio-web -inseguro-chrome-768x402.jpg 768w, https://www.adslzone.net/app/uploads/2018/11/sitio-web-inseguro-chrome-634x332.jpg 634w, https: //www.adslzone. net / app / uploads / 2018/11 / web-site-insecure-chrome.jpg 1268w "sizes =" (maximum width: 715px) 100vw, 715px

All of this means we have to be very cautious about the links we have access to. The safest is that we have saved them in favorites, or that we have access to them by manually writing them in the URL drawer, as well as by searching them in Google. Clicking on links that we find on the network or that we may receive in phishing emails may expose us to this type of attack. So a page HTTP will always be 100% secure but that's a The HTTPS page does not indicate that it is completely secure.

Written by Alberto García

[ad_2]
Source link

Powered by https://naaju.com/argentina | Designed by Naaju
© Copyright 2024, All Rights Reserved