A Quarter of Phishing Attacks are Now Hosted on HTTPS Domains: Why?

The push for more widespread adoption of HTTPS has been in full-force this year as a way to increase the number of websites that securely transmit information on the Internet. In January, both Chrome and Firefox browsers began alerting users whenever sensitive information, such as passwords or credit card information, was entered on a non-HTTPS web page. In October, Google took this a step further by displaying a “Not Secure” label in the URL bar whenever a user enters any text on an HTTP website.
Read more

The Mobile Phishing Threat You’ll See Very Soon: URL Padding

The fact that hackers are increasingly targeting mobile devices isn’t exactly a secret. And really, it’s not surprising either. After all, most of us are practically glued to our smartphones throughout the day. An SMS arrived? Better read it straight away. New email? Let me at it. Somebody I don’t care about updated their Facebook status? Great, let’s see what they’re up to. The increased attack volume we’re seeing directed at mobile devices is really nothing more than recognition on the part of threat actors that mobile devices account for an increasingly large proportion of web traffic… but aren’t nearly as well protected as PCs and laptops. So with all that in mind, it shouldn’t be terribly surprising that we have a new mobile phishing threat to tell you about.
Read more