There has been a constant rise in HTTPS phishing websites in recent years, an increase that occurred in line with the rate of the shift from HTTP to HTTPS on commercial websites. HTTPS sites have been awarded SSL/TLS certificates and display a green padlock beside the URL. The green padlock shows that the connection to the site is secure. It confirms to website visitors that the link between their browser and the website is encrypted. This means there is a level of security from man-in-the-middle attacks by ensuring data sent from the browser to the website cannot be intercepted and viewed by external parties.
HTTPS websites are now used by a large number of companies, particularly e-commerce website owners. This has become more and more important since browsers such as Google Chrome provide clear indications to Internet users that sites may not be secure if the link is not encrypted.
However, users should be aware that a green padlock beside the URL does not mean that the site is authentic, nor does it mean the site is completely secure.
If the website is managed by a cybercriminal, all the green padlock means is that other hackers will not be able to intercept data. Any data entered on the website will be shared with the criminal operating that site. If Internet users are aware that HTTPS does not mean a site is completely secure, they will be less likely to hand over sensitive information if the green padlock is not present. Unfortunately, free SSL certificates can easily be obtained to turn HTTP sites into HTTPS phishing websites.
According to a report released by PhishLabs, back in Q1, 2016, fewer than 5% of phishing websites used HTTPS. By Q3, 2016, the percentage started to rise rapidly. By Q1, 2017, the percentage had almost reached 10%, and by Q3, 2017, a quarter of phishing websites were using HTTPS. The 30% milestone was reached around Q1, 2018, and at the end of Q3, 2018, 49% of all phishing sites were using HTTPS.
A PhishLabs research survey completed late last year clearly showed the lack of understanding of the meaning of the green padlock. 63% of consumers surveyed viewed the green padlock as meaning the website was legitimate, and 72% saw the website as being secure. Only 18% of those who completed the survey correctly identified the green padlock as only meaning communications with the website were encrypted.
It is crucial for all Internet users to understand that HTTPS phishing websites not only exist, but that before long most phishing websites will be on HTTPS and showing the green padlock. A discussion about the true meaning of HTTPS is long overdue and it is certainly something that should be covered in security awareness training sessions.
It is also now important for companies to use a web filtering solution that can perform SSL inspection – the decryption, scanning, and re-encryption of HTTPS traffic – to ensure that access to these malicious websites is prevented. Along with reading content and assessing websites to determine whether they are dangerous, SSL inspection ensures site content can be categorized correctly. This ensures that sites that breach a company’s acceptable usage policies are blocked.
There is a downside to using SSL inspection, and that is the workload placed on CPUs and a reduction in Internet speeds. SSL inspection is therefore optional with most advanced web filters. To ensure that the workload is reduced, IT teams should use whitelisting to stop commonly used websites from being subjected to SSL filtering.
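One way to evaluate the inspection-bypass whitelist described above, as an added example (not WebTitan's code or configuration; the function names, list entries and hostnames are constructed for illustration). It matches on whole DNS labels, so a lookalike host that merely contains a trusted name is still sent through SSL inspection.

```python
"""Decide which HTTPS hosts may skip SSL inspection (added example).

All list entries and hostnames here are constructed for illustration.
"""

# Constructed bypass list: one exact host, one domain with its subdomains.
BYPASS = ["intranet.example.com", "*.trusted-bank.example"]


def normalize(host: str) -> str:
    """Lower-case, drop a trailing dot, convert Unicode names to IDNA ASCII."""
    host = host.strip().rstrip(".").lower()
    try:
        return host.encode("idna").decode("ascii")
    except UnicodeError:
        return ""  # malformed names never match, so they stay inspected


def should_bypass(host: str, bypass=BYPASS) -> bool:
    """True only if host equals an entry or sits under a '*.' entry."""
    host = normalize(host)
    if not host:
        return False
    for entry in bypass:
        entry = entry.lower()
        if entry.startswith("*."):
            base = entry[2:]
            # Label-boundary match: "base" or "x.base", never "evilbase"
            # and never "base.something-else".
            if host == base or host.endswith("." + base):
                return True
        elif host == entry:
            return True
    return False


def naive_bypass(host: str, bypass=BYPASS) -> bool:
    """Weak form shown for contrast: substring matching."""
    return any(e.lstrip("*.") in host.lower() for e in bypass)


if __name__ == "__main__":
    for h in ["www.trusted-bank.example",
              "trusted-bank.example.login-check.test",  # lookalike prefix
              "nottrusted-bank.example",                # lookalike suffix
              "trusted-b\u0430nk.example"]:             # Cyrillic homograph
        print(f"{h!r}: strict={should_bypass(h)} naive={naive_bypass(h)}")
```

The homograph host fails the strict match because it normalizes to a different `xn--` name, so it is decrypted and scanned like any other unlisted site.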
WebTitan Incorporates SSL Filtering to Prevent Access to HTTPS Phishing Websites
WebTitan is a strong web filtering solution for SMBs and managed service providers (MSPs) that supplies protection against web-based threats. There are three products in the WebTitan family – WebTitan Gateway, WebTitan Cloud, and WebTitan Cloud for Wi-Fi – all of which include SSL filtering as standard. If SSL filtering is enabled, users will be protected from HTTPS phishing websites and other malicious sites that have SSL certificates.
All WebTitan products can be downloaded quickly, with no technical knowledge needed, and have been designed to be easy to implement. An intuitive user interface places all information, settings, and reports at users’ fingertips, which makes for simple enforcement of acceptable Internet usage policies and fast reporting to identify potential problems – employees’ browsing habits and users that are attempting to bypass filtering controls, for example.
Whether you are an MSP that wants to start providing web filtering to your clients or an SMB owner that wants greater security from web-based threats, the WebTitan suite of products will provide all the features you need and will allow you to strengthen security and employee productivity, cut legal liability, and establish a safe browsing environment for all users of your wired and wireless networks.
For further details on WebTitan, cost analysis, web filtering advice, to reserve a product demonstration, or to register for a free trial of the product, get in touch with TitanHQ now.