Home
Home

Directory
Directory

Articles
Internet News
Security News
Ecommerce News
Domain News

Site Tools
Site Speed Test
Keyword Research
Resolve Hostname
DNS Tools
Register Domains
Affiliate Programs
Open Source

Shopping Carts
Cart Reviews
SSL Certificates

Enter your email address to subscribe to our updates:

Delivered by FeedBurner


Venue Charts
Channel Traffic Rankings
OAI Stock Quotes and Charts
eBay's Worst Feedback

Forum
Forum Home
TulipTools News
Advertising
Blogging
Computer Hardware
Domain Names
Ecommerce
Financing
Int'l Trading
Graphics and HTML
Internet Access
Legal Issues
Internet Business
Auction Sites
Classified Ad Sites
Fixed Price Venues
Operating Systems
Programming
Search Engines
Internet Security
Software
Web Hosting
Webmaster Issues
Reviews
Announcements
Off Topic Discussion

Web Hosting
TulipHosting

Domain Names
TulipDomains

Web Stats
TulipStats

Forum Rules
Forum Rules
Privacy Policy

Site Map
Forum Sitemap
Sitemap Topics




Directory| Forums| Internet News|Cart Reviews| DNS Tools| Keyword Research| Site Speed Test| Security| | Domain Marketplace| Domain Blog
TulipTools Internet Business Owners and Online Sellers Community
  • Home
  • Search
  • Member List
  • Calendar
Hello There, Guest! Login Register
TulipTools Internet Business Owners and Online Sellers Community › Security › Internet Security › SSL Certificates
New Phishing Scam Deceives With Phony SSL Certificates

  
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Threaded Mode | Linear Mode
New Phishing Scam Deceives With Phony SSL Certificates
09-23-2005, 01:15 PM,
Post: #1
mandy Offline
Administrator
*******
 		Posts: 9,932
Likes Given: 0
Likes Received: 6 in 5 posts
Joined: Feb 2011
Reputation: 0
New Phishing Scam Deceives With Phony SSL Certificates
Quote:It starts the same as most phishing attacks, with spammed e-mails urging recipients to click on a link to update a financial account. The destination is a spoofed version of a real site ...

But this campaign goes above and beyond the typical. The spoofed site uses the HTTPS protocol so that the browser shows the standard "lock" icon designating a secure site.

http://www.informationweek.com/story/sho...=171200010
Like Post Reply
[+]
02-14-2006, 09:22 AM,
Post: #2
mandy Offline
Administrator
*******
 		Posts: 9,932
Likes Given: 0
Likes Received: 6 in 5 posts
Joined: Feb 2011
Reputation: 0
Re: New Phishing Scam Deceives With Phony SSL Certificates
Another phishing scam involving SSL certificates:

Quote:Now here's where it gets really interesting. The phishing site, which is still up at the time of this writing, is protected by a Secure Sockets Layer (SSL) encryption certificate issued by a division of the credit reporting bureau Equifax that is now part of a company called Geotrust.

Geotrust and other SSL issuers are supposed to do some basic due diligence to ensure that the entity requesting an SSL certificate is indeed authorized to request it on the company's behalf. In this case, however, it looks like that process fundamentally broke down...

http://blog.washingtonpost.com/securityf...ing_1.html
Like Post Reply
[+]
02-14-2006, 07:46 PM,
Post: #3
jezebel Offline
Tulip Fanatic
*******
 		Posts: 1,385
Likes Given: 0
Likes Received: 0 in 0 posts
Joined: Jul 2005
Reputation: 0
Re: New Phishing Scam Deceives With Phony SSL Certificates
Quote:it looks like that process fundamentally broke down

I don't think it's fair to blame Geotrust's authentication process.  It would be equally easy to forge incorporation papers and fax them in with another SSL issuer.

The only solution is for email clients to come with big bold letters that say, "Don't Click on ANY Links"  Wink
Like Post Reply
[+]
« Next Oldest | Next Newest »




Possibly Related Threads…
Thread Author Replies Views Last Post
  Avoid the Mass Spammers at Comodo / PositiveSSL When Buying SSL Certificates regic 4 13,723 09-07-2010, 11:43 AM
Last Post: mandy
  No SSL = Lost business xwpopper 4 3,340 01-11-2010, 11:01 PM
Last Post: bargainbloodhound
  Think your store or auction site's implementation of SSL is secure? Think again mandy 0 2,005 07-31-2009, 08:31 AM
Last Post: mandy
  Configuring SSL Under Apache mandy 0 2,647 03-11-2008, 01:21 PM
Last Post: mandy
  Verisign Ignores Complaints of SSL Seal Misuse Kristijntje 0 2,751 12-02-2007, 02:18 PM
Last Post: Kristijntje
  Who is The SSL Certification Leader? mandy 7 6,163 10-05-2007, 03:48 PM
Last Post: regic
  Extended Validation SSL Certificates may create problems for Small Businesses mandy 10 7,878 06-16-2007, 06:07 PM
Last Post: valleygirl
  List of SSL Security Certificate Providers allmusicsearch 8 9,590 10-15-2006, 01:43 PM
Last Post: bargainbloodhound
  Ecommerce Sites Face New Security Problem: SSL-evading trojans and malware regic 0 2,785 06-01-2006, 02:02 PM
Last Post: regic
  SSL Certificate Issuer Verisign Acquires Rival GeoTrust for $125 million Kristijntje 0 3,070 05-20-2006, 01:01 PM
Last Post: Kristijntje

  • View a Printable Version
  • Send this Thread to a Friend
  • Subscribe to this thread
Forum Jump:


Users browsing this thread: 1 Guest(s)
  • Contact Us
  • TulipTools Internet Business Owners and Online Sellers Community
  • Return to Top
  • Lite (Archive) Mode
  • RSS Syndication
  • Help
Current time: 08-02-2021, 12:29 AM Powered By MyBB, © 2002-2021 MyBB Group. Theme created by Justin S.
powered by Apache

powered by Linuxpowered by CentOS

Copyright 2000-2013 TulipTools.com. All rights reserved.