[ad_1]
If the websites in the address bar are marked with a lock – often in green – this suggests a lot of security to many users. As a survey shows, labeling is hardly an indication of safety. Half of all phishing sites also have the icon.
The green lock is absolutely not automatic for security
How can I move safely through the net? In addition to a good dose of common sense, which remains the best cure for attacks, it is understandable that users also rely on program labeling. In particular, the lock – usually green – in the browser's address bar often seems to indicate false security.
Infographic: these are the most successful subject lines in phishing
In fact, the symbol only indicates that the data traffic between the browser and the server is managed via HTTPS and encrypted with TLS – thus, third parties must be reliably excluded from accessing the data stream. As a recent study by security researcher and journalist Brian Krebs reveals, more than half of the phishing sites also carry the lock icon and are accessible via HTTPS.
According to his badysis, scammers take the trouble to encrypt the traffic on their phishing sites because many users still rely on the lock icon to indicate safe use. Because of the confusion surrounding the symbolism, the lock has become a popular means of concealing the real intentions of the sponsors of many frauds.
Browser manufacturers respond
The fact that many users misinterpret the lock symbol as a sign for secure websites also encourages browser manufacturers to take action. Google and Mozilla have both announced their intention to completely remove the tag from their browser's address bar. In the future, Web pages that allow unencrypted HTTP connections to be dangerous are automatically flagged. The omission of the HTTPS label would allow fraudsters to misuse this security seal that is no longer misunderstood.
Browser, https, closed, address bar, padlock icon
CC0 / Pixabay
2018-11-29T15: 48: 00 + 01: 00John Wool
Source link