How EV Can Reduce the Effectiveness of Phishing

Phishing is deflected by Extended Validation’s obvious visual cue


Extended Validation (EV) SSL can help to limit the success of phishers, as expressed here: http://www.techrepublic.com/blog/security/phishing-update-fake-vonage-web-site-and-ev-certs-do-help/1533. It is much easier to mimic a site secured with a low-priced, Domain Validated, or DV, certificate. All of the cheaper certificates available on the marketplace are DV -- because those are the certificates with the least verification and the least cost to the certificate authorities. An instance of phishing on a site means a huge amount of discomfort experienced by any affected customers. It can also mean a major liability incident for the affected company or organization. The green address bar lets customers know that they are on the correct site and that it is safe to enter their information.

Phishing is unfortunately only becoming more popular and effective over time. This blog suggests that the average phishing scam, using tools any moderately skilled e-criminal can easily purchase online, has an ROI around 10,000%: http://blogs.computerworld.com/node/1561. Phishing means lost revenue for online businesses, because the consumers' spending money is going into the wrong hands.