Making technology work for you...

Get Your Free Subscription By Email:

Domain Phishing

Fake Websites 101: How to Spot Them?

Data security is paramount for anyone using sophisticated devices like smartphones, laptops, PCs, and tablets to connect to the internet. Phishing is a serious threat for individuals as well as businesses who value their data. According to ENISA (The European Union Agency for Cybersecurity), phishing attacks witnessed a huge spike in 2020 when people across the globe were forced to stay indoors due to the lockdown. Google is doing its bit in labeling malware and phishing sites. However, a little knowledge at your end makes it easier for you to such tackle threats.

SSL Trick Allows Spoofing Domain Certificates

SSL HackingThis years BlackHat security conference revealed some serious security loophole in way SSL certificates can be made to spoof domain identity, the trick allows phishers to spoof and display certificate of their choice on user browsers, this means that the attacker could make you land onto a phishing domain (say and your browser will validate the SSL certificate for genuine domain (say, the spoof works like this - the attacker applies for a SSL certificate with a null-character in the sub-domain for example :[null character here], the certificate authority ignores the sub-domain and contacts the domain owner to verify its legitimacy and issue the certificate, the problem arrives when clients like Firefox stop at the null character and wrongly displays the certificate valid for on the phishing domain in this case.

This is just one of the many helpful tips we have posted, You can find more stories here,
Do subscribe to updates using your favorite RSS feed reader or using the secure FeedBurner email update form on top of this post.