HomeNewsHardware and GadgetsThe FBI reminds us of the reality of HTTPS: it indicates a...

The FBI reminds us of the reality of HTTPS: it indicates a secure connection, not a secure server

Published on

This week, the FBI has issued a warning: “Cybercriminals exploit ‘safe’ websites in phishing campaigns.” Why? Because the secure hypertext transfer protocol secure, better known simply as HTTPS, has become synonymous with security. And it is, indeed, although certain nuances have to be taken into account.

“The presence of HTTPS and the padlock icon is supposed to indicate that web traffic is encrypted and that visitors can share data securely,” says the note from the main criminal investigation agency of the US Department of Justice.

In fact, that letter means safe and browsers such as Google Chrome show the warning “is not safe” when visiting HTTP sites. It is important to make sure that the sites with which we share information use this protocol, because they indicate an encrypted and secure connection, but that is not all we have to take into account. They do not ensure, for example, that a server is what it claims to be.

HTTPS is not the panacea

However, we all know that HTTPS is not a panacea. And the bad guys on the internet, unfortunately, too. That’s why, as the FBI points out, they use the trust of the users in the protocol and the icon that identifies it.

They do this by increasingly using certificates from secure websites when carrying out phishing campaigns. They use the secure hypertext transfer protocol when sending potential victims email messages that mimic trusted companies or contacts.

The reason is that it is becoming easier to obtain a TLS security certificate that enables the administrator of a website to use the HTTPS protocol normally. It has a low cost and even through certain services can be obtained for free, especially from the momentum that Google gave to this protocol a few years ago through the consideration that they would have both their browser and the Chrome browser. A trend that joined the rest of browsers.

And the cybercriminals have taken advantage of it, as they explain from Naked Security:

“As expected, the criminals realized, which explains the rise of phishing sites that started using HTTPS in their domains around 2017.

That’s the frustrating thing about the FBI’s latest warning: criminals whitening their websites using the HTTPS cover is nothing new. Two years after those first warning signs, the problem has simply gotten worse.

One could argue that confusion is an industry problem because it spent years pushing the idea of ​​the security benefits of HTTPS without properly explaining its limits.

The concern now is that the attackers are moving beyond this gross scheme and are abusing domains backed by legitimate certificates. “

On the part of the users, it only remains not to trust by default on the HTTPS sites or the emails sent from them, to be critical of the information that they may request, to confirm the legitimacy of the requests sent by mail if the data requested is especially sensitive and, as always, be as cautious as possible.

Latest articles

Here’s How and When Mount Everest-sized ‘Devil Comet’ Can Be Seen With Naked Eye

Mount Everest sized Comet 12P/Pons-Brooks, also known as "devil comet" which is making its...

Something Fascinating Happened When a Giant Quantum Vortex was Created in Superfluid Helium

Scientists created a giant swirling vortex within superfluid helium that is chilled to the...

The Science of Middle-aged Brain and the Best Thing You Can Do to Keep it Healthy, Revealed

Middle age: It is an important period in brain aging, characterized by unique biological...

Science Shock: Salmon’s Food Choices Better at Reducing Risk of Heart Disease and Stroke

Salmon: Rich in Health Benefits, Yet May Offer Less Nutritional Value - This is...

More like this

Here’s How and When Mount Everest-sized ‘Devil Comet’ Can Be Seen With Naked Eye

Mount Everest sized Comet 12P/Pons-Brooks, also known as "devil comet" which is making its...

Something Fascinating Happened When a Giant Quantum Vortex was Created in Superfluid Helium

Scientists created a giant swirling vortex within superfluid helium that is chilled to the...

The Science of Middle-aged Brain and the Best Thing You Can Do to Keep it Healthy, Revealed

Middle age: It is an important period in brain aging, characterized by unique biological...