58% of Phishing Websites Now Use HTTPS

Stop me if you’ve heard this one before: incidence of phishing have increased since last quarter. Again. Just like the quarter before that. And the quarter before that. Dating all the way back to the days of the early internet when a down-on-his-luck Nigerian prince first sought financial relief from the well-to-do denizens of AOL and Hotmail.

Nowadays phishing has evolved. Substantially. These are no longer shot-in-the-dark style emails that somehow manage to elude your spam folder. These are now highly-tailored feats of social engineering that target specific industries, companies and individuals. Phishing, the simple act of ripping someone off with a grammatically questionable email has grown up into CEO fraud, whaling, spearphishing, etc. It’s become the most common delivery mechanism for malware and other cyber attacks. 91% of cyber attacks now start with a phishing email.

In many ways phishing is like a gateway hack. It starts off as just a few innocent spearphishing emails among friends, but before you know it, you’re huddled over a laptop in an Eastern European internet café trying to scrape together enough of a botnet to launch one more DDoS…

…anyway, according to the Anti-Phishing Working Group (APWG) phishing is up again in Q1 and nearly 60% of the phishing websites the study turned up were using SSL/TLS – sporting the green HTTPS padlock. So, today we’re going to take a look at the study, break down some of the trends and offer a little insight on shoring up those defenses. Let’s hash it out.

READ MORE: www.thesslstore.com

Scroll to Top