Nowadays, more and more people are aware of what an SSL certificate is. However, not everyone has sufficient knowledge about cyberattacks. The vast majority of average internet users pay attention to the presence of a padlock icon in the address bar. If it’s there, the site is considered safe. Is this always the case? Unfortunately not. In today’s world, the padlock icon alone is not enough to determine whether a website is comprehensively protected against the theft of personal data. Therefore, when visiting websites, we need to use common sense and exercise caution. Pay particular attention to transactional websites or data entry forms.
Sites that steal personal data
The number of websites that steal users’ sensitive information continues to rise. Unfortunately, cyberattacks are widespread and will remain so. We are already familiar with many methods used by online fraudsters, yet new ones keep emerging. Interestingly, fake websites also use SSL certificates – a study by PhishLabs found that over half of these sites use secure connections. From the user’s perspective, this is a very dangerous situation. A few years ago, distinguishing a legitimate website from a fake one was not a big problem. All you had to do was check if there was a padlock icon next to the address bar, which confirmed that the site was secure. It was also relatively easy to detect phishing attempts. Typically, the fake site’s address was almost identical to the legitimate one, and the site design was copied as well. At first glance, everything looked fine. However, the absence of a padlock icon was a clear warning that prompted many people to discontinue using the site just in time. Today, technological advancements can also work to our disadvantage. Cybercriminals strive for absolute perfection. Their scams are meticulously planned, making them harder to detect. Those behind phishing campaigns quickly realized the significant role that SSL plays. This is precisely why many fake websites now have an SSL certificate. The browser indicates that the connection is secure, yet our data is seriously at risk.
The rise of “secure” sites
Statistics are relentless: the number of dangerous websites that have implemented an SSL certificate is continually increasing. Back in early 2018, they accounted for about 35%. Currently, more than half of these fraudulent sites provide a “secure” connection, meaning they display a padlock next to the URL. Every internet user should be aware of this phenomenon. The presence of an SSL certificate shows that data transmitted is encrypted, preventing unauthorized parties from intercepting it. However, the padlock icon does not give us absolute certainty that a given website, for example, belongs to a popular store. Unfortunately, there is no guarantee that we won’t fall victim to a cyberattack. Our data could still be stolen or altered. Interestingly, even bank websites are being forged. It’s worth knowing that banks use SSL EV certificates (Extended Validation). This means that the browser does not display these sites in the same manner as standard websites. In addition to the padlock icon, the name of the entity that owns the SSL certificate is also shown. Perhaps in a few months, cybercriminals will find a way to falsify this information. As of today, however, bank customers can rest easy.
Would you like to provide the highest level of security for your website? Check out the offer of the cheapest SSL EV certificates.