Reply to post: Re: So

The curious sudden rise of free US election 'net security guardians

Crazy Operations Guy

Re: So

Yup, like I've been seeing quite a few phishing websites with Extended Verification Certificates, but are otherwise amateurish copies of the real things. But people trust them anyway because the bar at the top of the browser is green.

I've noticed that a couple of these phishing sites are using certificates issued by CAs that are either government-run or are suspiciously friendly to governments. Like the other day I noticed a phishing website purporting to be a fairly large Saudi bank held a certificate issued by an Israeli CA. Or an Indian bank that was using a Pakistani-issued certificate.

I've also seen password stealing pages that use captchas, scams that require two-factor authentication, and many other nasties that take advantage of security mechanism to appear legitimate.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022