The U.S. Federal Bureau of Investigation (FBI) issued a public service announcement regarding TLS-secured websites being actively used by malicious actors in phishing campaigns.
Internet users are accustomed by now to always look at the padlock next to the web browser’s address bar to check if the current page is served by a website secured using a TLS certificate.
Users also look for after landing on a website is the “https” protocol designation in front of the hostname which is another hint of a domain being “secure” and the web traffic is encrypted.
Read more…
Source: Bleeping Computer