The SSL "lock" does not mean you are safe
Netcraft is reporting that phishing attempts spoofing SSL encryption in the browser are on the rise. The attacks are using more sophisticated means, including certificates with bank-like names on them. As Netcraft notes, most people will ignore browser messages that say the certificates don't match. I agree.
The warnings are not specific enough to alarm most people, usually stating that the certificate cannot be validated, or "doesn't match." And most folks who decide to look at the certificates don't care what the domain on the cert says, and/or won't have a clue what the signatures mean. Spamroll: The SSL "lock" doesn't mean you're safe
Back to: PC Security, privacy news