Tuesday, July 16, 2024

Why Are DV Certificates Hot Favourites Of Hackers?

SSL Certificates and their data encryption capabilities are indispensable to website security. However, not all SSL certificates are equal. SSL Certificates are of three types – DV Certificates, OV Certificates, and EV Certificates.

Even though the level of encryption is similar for all three types of SSL certificates, the vetting, verification, and validation processes differ significantly. These authentication processes define the reliability of the website. DV SSL Certificates are considered particularly dangerous.

In this article, we will help you understand why they are dangerous and what alternatives exist to DV Certificates.  

DV Certificates: An Overview

DV or Domain Validated SSL Certificates are the most basic security certificates. As the name suggests, these security certificates are issued by the Certificate Authority (CA) after verifying and validating the domain ownership. DV Certificates are recommended only for personal blogs or static websites. Businesses must not opt for DV SSL as it does not inspire trust among users.

Reasons why Domain Validated SSL Certificates are Hot Favorites for Hackers

Data suggests that 58% of phishing websites leverage SSL certificates to establish ‘legitimacy’, as hackers and users both understand the risk of not using SSL. And DV SSL certificates are hot favorites for hackers!

Typically, the CA sends a confirmation email to an authorized email address found in the domain’s WHOIS records, for instance admin@, webmaster@, administrator@, postmaster@, etc., or to other domain contacts. The domain owner must follow the process in the email to confirm the domain ownership.

To vet and verify the domain ownership, the Certificate Authority may also use alternate authentication methods such as:

  • DNS CNAME lookup for the domain (domain owner creates a DNS record verifying control of the domain)
  • File lookup over HTTP (the domain owner must place the verification file on the website seeking SSL protection).

If the applicant completes any of these verification processes, they have proved that they have control over the website that needs to be protected with SSL. They will be given a DV SSL Certificate. The entity does not need to submit any other documentation or company paperwork. They do not need to establish that they are a legal entity. Further, it is quick, hassle-free, and economical to obtain.

Hackers, looking to defraud users or commit phishing attacks, can simply create a website and buy a DV SSL without too much trouble. DV certificates only demonstrate that the website owner has administrative control over the domain. This security certificate divulges the least amount of information about the website owner or the entity that the user is interacting with while visiting a website.

Hackers could create a phishing website using a misspelling of a legitimate domain name, use a free webmail account to complete the verification, and get a Domain Validated SSL Certificate. The user may notice the padlock sign and not the misspelled address. They may end up divulging confidential information or passwords, downloading malware, or making payments to the hacker, among others.

Which Type of SSL Certificate Should a Business Choose?

Businesses must consider OV or EV SSL certificates to nurture greater levels of trust among website visitors and users.

OV or Organization Validated SSL Certificates provide a high level of assurance to users. These certificates are issued by CAs only after business ownership is vetted, verified, and validated along with the domain ownership. The CA authenticates legal information and company paperwork, checks the physical location, and so on, along with the domain validation. It tells the user that they are dealing with the same entity whose information is listed on the certificate.

EV or Extended Validation SSL provides the highest level of assurance to users. Its no-compromise features, warranties, and thorough vetting and authentication processes make users feel much more secure.

In addition to organization verification, they include a third-party verification as per EV protocols. Unlike OV certificates, they also provide visual cues such as display of Company Name on clicking the Padlock, dynamic site seals and so on. They come at a premium price, but it is an investment worth making for e-commerce and other dynamic websites.

A word of caution: You must choose the right Certificate Authority. If the CA uses mixed validation protocols, it may issue OV SSL Certificates to hackers. If the domain name consists of a mixed character set, the CA must check it against known high-risk domains, and the certificate request must be flagged as high risk. The CA must then conduct further authentication to ensure that the applicant is a legitimate organization.
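The mixed-character-set check described above, together with the misspelled-domain case from earlier in the article, sketched as an added example (not code from the article or from any CA). The watch list, the small confusables map and the function names are assumptions made for illustration.

```python
import unicodedata

# Constructed watch list of frequently impersonated domains (assumption).
HIGH_RISK = {"paypal.com", "example-bank.com"}

# Tiny constructed look-alike map (Cyrillic/Greek -> Latin); real checks use the full Unicode data.
CONFUSABLES = {"\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c",
               "\u0445": "x", "\u0443": "y", "\u0456": "i", "\u03bf": "o"}

def to_unicode(domain):
    """Normalise a requested name; decode xn-- (punycode) labels if present."""
    domain = domain.strip().lower().rstrip(".")
    try:
        return domain.encode("ascii").decode("idna")
    except UnicodeError:
        return domain  # already Unicode, or not decodable: inspect as given

def scripts(label):
    """Scripts used by the letters of one label, taken from Unicode names."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0]
            for ch in label if ch.isalpha()}

def skeleton(domain):
    return "".join(CONFUSABLES.get(ch, ch) for ch in domain)

def edit_distance(a, b):
    """Levenshtein distance, used to catch single-character misspellings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def assess(requested):
    """Return (high_risk, reasons) for a domain named in a certificate request."""
    domain = to_unicode(requested)
    if domain in HIGH_RISK:
        return False, []  # the real domain: normal validation applies
    reasons = [f"mixed scripts in label {label!r}"
               for label in domain.split(".") if len(scripts(label)) > 1]
    skel = skeleton(domain)
    for brand in sorted(HIGH_RISK):
        if skel == brand:
            reasons.append(f"confusable with {brand}")
        elif edit_distance(skel, brand) == 1:
            reasons.append(f"one edit away from {brand}")
    return bool(reasons), reasons
```

A request that comes back flagged would be routed to the further authentication the paragraph calls for rather than issued automatically.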

The Way Forward

Given the fast-paced growth in fake websites, phishing and fraud, trustworthy SSL certificates are vital. They enable you to nurture greater trust in users by assuring them that they are dealing with a legitimate brand and not a hacker. So, an Extended Validation or Organization Validated SSL Certificate from a reputable CA like Entrust is an investment you must make for your websites. Entrust has collaborated with Indusface to be the Authorized Distributor of their SSL/TLS certificates in India. Through Entrust’s SSL Certificates, Indusface provides strong encryption and browser trust with round-the-clock support for your business.


Guru baran
https://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.
