Fake SSL Certificates Seen Again

October 8, 2008 – 7:15 AM

Online banks use cryptographic protocols to secure the exchange of information on the Web, and hackers do not hesitate to adapt to this technology too. A new case of fake SSL (Secure Sockets Layer) certificates appeared again, following phishing threats we’ve seen last April and May.

This time, the website of Open Banks Enterprises was faked by malware authors using Rock Phish Kit.  Like similar phishing or malware cases, this spoofed site asks customers to download a new security certificate. The site even displays options for Windows users and Mac users, but users are led to .EXE files, which perform malicious routines on systems, compromising their security instead of securing online transactions like security certificates are supposed to do.


You must be logged in to post a comment.