"Trusted Certificates make Phishing Websites Appear Valid"

In a new study, researchers analyzed suspicious domains targeting 20 major retailers in the U.S., U.K., France, Germany, and Australia.  They discovered over 100,000 look-alike domains that use valid TLS certificates to appear safe and trusted. The growth in the number of look-alike domains has more than doubled since 2018, outpacing legitimate domains by nearly four times.  The researchers also discovered that the total number of certificates that used look-alike domains is more than 400% greater than the number of authentic retail domains.  Retailers are often targets of cybercriminals, one top U.S retailer, in particular, has over  49,500 look-alike domains targeting their customers. Over half (60%) of the look-alike domains that have been discovered use free certificates from Let’s Encrypt.

Help Net Security reports: "Trusted Certificates make Phishing Websites Appear Valid"