How do you spot a phishing site on today's Internet?

[harlan4096]

Phishing has been around for a very long time on the Internet; it refers to certain techniques that criminals use to steal passwords, credit card information, Social Security Numbers, and other valuable information.

One common technique lures unsuspecting users to a domain that looks like the destination they want to visit; Facebook's login page, a bank's website, PayPal, eBay, Amazon, or any other eCommerce site or high profile target.

The links are distributed via email campaigns, on websites, or in chat rooms.

Users were asked to look for a green padlock icon in the browser to make sure the connection to the site was secure and to verify the address of the site as well.

The padlock icon is no longer a good indicator; in fact, it never was one to begin with on its own as it merely indicated that the connection to the site was secure. Identification only worked in combination with a site's URL.

More than half of the phishing sites on today's Internet use SSL according to a new report. The rise of HTTPS, in no small part thanks to Google's pushing in Chrome and the introduction of Let's Encrypt, a service to generate free SSL certificates, forced the hand of website owners and criminals alike. Chrome flagging all HTTP sites as "not secure" played a part in that.

How do you identify phishing sites on today's Internet then?

Full reading: https://www.ghacks.net/2018/11/26/how-do...ite-today/