DV certificates, an option widely used by hackers
DV certificates are for verify web domains. They are going to give a certain security, at least in appearance, to a page. There are different types of domain certificates. In this case, what it does is validate the ownership of that website, something that can give visitors peace of mind.
But of course, hackers can also use this type of certificate. In this way they get that any website they have created, apparently offers certain guarantees to visitors, who are the possible future victims.
These certificates have to be issued by a service that guarantees security. However, it is not difficult for anyone to buy a SSL DV certificate on the Internet and use it on any website. What if that site was actually created to carry out Phishing attacks?
This is exactly what cybercriminals use. That is why DV certificates have become a important weapon for attackers. In fact, the only thing these certificates indicate is that the owner of that website has full administrative control. Yes, it is true that it offers certain guarantees at least informative, but we are not really facing a security measure as such and it will not make a website reliable by itself.
How they use a DV certificate on a fake site
Typically, hackers use it to create fake pages and use Phishing attacks. Let’s say they seek to impersonate a social network such as Facebook or Twitter, a bank or any service where the user has to log in with their password.
What the attacker is going to do is create a page with a domain that is similar to the true one, but in which they are going to change some letter, digit or something that allows it to be as similar as possible to the original. Once this is done, they will use the email account of that domain to complete the verification and thus obtain the SSL DV certificate to verify the identity.
That web page will have the typical green padlock that informs that it has a certificate. The victim will enter that fake page and, if they do not realize that the domain name is really not the original, they will believe that there is nothing strange. This can mislead users and cause them to log in as if they were entering the official Facebook page, the bank or any other online service.
Therefore, these SSL certificates are a weapon increasingly used by hackers to mislead victims. This makes it very important to know when a website is fake and to know the security threats on websites.