Increase in HTTPS phishing attacks
Over the past few years website owners have been encouraged to adopt HTTPS website domains rather than HTTP. With HTTPS, data in transit is encrypted; this provides additional security for transiting data, such as login credentials, which may contain information of use to attackers.
HTTPS domains are verified by SSL Certificate Authorities, who issue and authenticate certificates. The padlock symbol in the URL field links to the certificate provider’s…
Link: Weekly Threat Report 15th December 2017
Source: NCSC Reports