This evening I am making a public service post to raise awareness about malicious phishing sites getting valid SSL certificates from certificate authorities.
 In Chrome, this means that a phishing site is labeled as ‘Secure’. Even if a certificate authority realizes they issued a certificate to a malicious website when they revoke that certificate, Chrome still shows the site as ‘Secure’.
 The fact that the certificate is revoked is buried deep in Chrome developer tools where most users won’t find it.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>