Threat: These days, pretty much everyone knows that you can browse HTTPS sites backed by SSL certification with much more confidence than ordinary URLs. Sadly, cybercriminals are well aware of that fact too.
“The bad guys have figured out that you’re not going to go to a site if a big warning comes up in your browser which says ‘invalid certificate’ or ‘not an HTTPS site,’” says Lonas. As a result, he continues, hackers have begun setting up HTTPS sites of their own. Indeed, 93 percent of phishing domains identified by Webroot last September and October offered HTTPS.
“There’s all these sites now where you can get a free [SSL] certificate or a very cheap certificate,” Lonas notes.
Countermeasure: For now, according to Lonas, the best defense against fake HTTPS sites is a good endpoint security system, which should protect users from malicious payloads waiting for them on arrival. Longer term, he adds, Webroot and other vendors will get progressively better at sniffing out questionable SSL certificates from fly-by-night issuers.
“Not all certificates are created equal,” Lonas observes.
More Galleries like This
All three companies published new research studies at CompTIA’s 2017 ChannelCon event today. Here are a few of their most interesting findings.
Datto, NinjaRMM, The 20, Connect Booster, SOCSoter, and Nexogy share details on what's happening now and what's coming up next for channel pros.
Held last week in Los Angeles, the first of the distributor’s live events for 2018 showcased mobility, security, IoT, and vertical industry solutions, among other opportunities, as hot markets for SMB resellers in 2018
Intel, Kaspersky Lab, Barracuda, AlienVault, and RapidFire Tools are among the many vendors who made security news on the second day of this year’s RSA Conference.
How has the company changed since being bought by private equity? Where will it invest all that money now at its disposal? What’s founder Arnie Bellini up to these days? We got the scoop for you last week at ConnectWise’s 2019 IT Nation Explore event.