Phishing Sites Now Using Green Padlock Symbols

Screenshot showing a truncated view of an internet browser address bar, with a green padlock symbol followed by https and www

Social engineers continue to get more sophisticated in their attempts to trick you. A current example is that the green padlock symbol, a recognizable element of site safety, that’s visible in your browser’s address bar, is now being used in many phishing sites. The green padlock symbol denotes that the data exchanged between the browser and website is encrypted with SSL (Secure Sockets Layer) technology and cannot be read by third parties. Further, the “https” which follows the green padlock in your browser’s address bar means a site has a valid SSL certificate. Phishers are now adopting SSL, registering domain names and creating certificates for their websites. Hence, the green padlock security indicator can no longer be solely relied upon to determine a website’s safety or security.

Recommendations:

  • Experts suggest that users look for inconsistencies in a site’s URL and webpage.
  • It is a recommended best practice to visit a site by typing the URL into your browser’s address bar or locating a site via an internet search.
  • It is not advisable to visit sites via embedded links in email messages as this is a commonly used method for directing victims to spoofed sites.  

Resources: