Recent data from anti-phishing company PhishLabs shows that 49% of all phishing websites in the third quarter of 2018 bore the padlock security icon next to the phishing website domain name in the browser bar.
Once upon a time this use to be a sure sign that you were visiting a legitimate site. This is not the case anymore.
A great example found by Krebsonsecurity on a site called phishtank.com (for phishing sites that use SSL), found this cleverly crafted page that attempts to phish credentials from users of Bibox. Can you spot what’s wrong about the web address? The green lock is there, but all is not as it seems.
If you look carefully at the URL in the address bar, you’ll notice a squiggly mark over the ‘i’ in Bibox. This particular website takes advantages of internationalised domain names (IDNs) to introduce visual confusion. As a result, these discrepancies can be very difficult to spot.
To keep in touch with more tips and recent news that can affect your business, be sure to follow us on Facebook and Twitter or visit our website.