When we visit a website where we need to enter our credentials, the first thing we do is look for the lock or https in the site URL to make sure it's safe. However, a new investigation by PhishLabs has shown that this advice is no longer useful, as 49% of the phishing pages that attempt to steal your data contain a green lock and HTTPS in their URL.
Last year, only 35% of phishing sites carried the HTTPS protocol, but this year the number increased to 49%. Where hackers know what users see on a URL, and therefore try to present it in the most legitimate form possible, where the HTTP Web page now appears as "unsafe." In a survey conducted by the company, 80% of users believe that having a green lock on the Internet means it is real and safe.
As we know, HTTPS only says that the data that is transferred between the browser and the Web is encrypted using SSL. However once the page is accessed it can be decoded. Some URLs are directly wrong with the naked eye, especially those with ranges beginning with "xn-" known as punycode. However, others seem so real that they use very similar URLs.
In the Google Chrome browser the punycode pages are marked as unsafe very quickly. This is the case of Bibox, a gateway exchange algorithm. The fake website that tries to impersonate the domain appears: bboxbox.com / login, but actually redirects to https: //www.xn--bbox-vw5a [.] Com / login, which is a fake domain and puts it this way in Chrome and Firefox .
As we know, HTTPS only says that the data that is transferred between the browser and the Web is encrypted using SSL. However once the page is accessed it can be decoded. Some URLs are directly wrong with the naked eye, especially those with ranges beginning with "xn-" known as punycode. However, others seem so real that they use very similar URLs.
In the Google Chrome browser the punycode pages are marked as unsafe very quickly. This is the case of Bibox, a gateway exchange algorithm. The fake website that tries to impersonate the domain appears: bboxbox.com / login, but actually redirects to https: //www.xn--bbox-vw5a [.] Com / login, which is a fake domain and puts it this way in Chrome and Firefox .
All this makes us very care on the links we reach. The safest thing is to access them by typing them manually in the URL bar, as well as searching them in Google. Clicking on the links we find on the Internet or that we can receive in spam emails can expose us to this type of attack. Therefore, the HTTP page will always be 100% insecure, but the HTTPS page does not indicate that it is completely secure.
Share this
Related Posts
Get this button to make a screenshot of youtube videosWhen you watch videos on YouTube sometimes you want to take a certain snapshot of the vid
Computer science and computer engineering
What is the difference between computer science and computer engineering? We must all 
Best 4 general DNS servers to speed up your web browsingDNS is a system that translates domain names that you write into your browser into their 
In the way of information security experts, the best two ways to avoid falling into the keylogger trap and steal your data from the hackersWe all know that keyloggers are one of the worst malware programs that even the most powe
:)
:(
hihi
:-)
:D
=D
:-d
;(
;-(
@-)
:P
:o
:>)
(o)
:p
:-?
(p)
:-s
(m)
8-)
:-t
:-b
b-(
:-#
=p~
$-)
(y)
(f)
x-)
(k)
(h)
cheer