Over the past couple of years, browser makers like Google, Microsoft, and Mozilla have been making a concentrated effort to move all web traffic to HTTPS, in the name of increased user security. Google, for example, has seen the number of secure pages loaded by Chrome increase from 44% in July of 2015 to 88% in July of this year. The "padlock" or "Secure Page" indicators have become a staple for most internet users, and we have become conditioned to associate those marks with a trustworthy and safe webpage.
Unfortunately, as with most great advances in technology, cybercriminals find a way to twist it for their own ends.
At least 50% of all illegitimate, malicious websites are now making use of the HTTPS protocol to make their campaigns seem more legitimate. When you pair the padlock with lookalike website names and a believable recreation of the original page… it's easy to see how these things can all add up to a nasty surprise for a distracted, stressed, or preoccupied individual!
Check out the main article by KrebsOnSecurity HERE.