Let's Encrypt Issues Over 15,000 SSLs to PayPal Phishing Sites

Pete Prestipino
by Pete Prestipino 16 Jan, 2023
Let's Encrypt Issues Over 15,000 SSLs to PayPal Phishing Sites

Having an SSL on your website is a wise decision as not only is it supposed to positively influence a brand's position on the search results (although there is really no evidence of that just yet), but it keeps users safe - or at least it is supposed to.

New research out from The SSL Store found that during the past year, Let's Encrypt (a provider of free SSL certificates) issued a total of 15,270 SSL certificates that contained the word "PayPal" in the domain name or the certificate identity. Of those, 96.7 percent were issued for domains that hosted phishing sites.

The SSL Store's Vincent Lynch went into some detail on the Let's Encrypt abuse, and the need for more rigorous standards for issuance of SSL certificates.

While it is unlikely that those using an SSL from Let's Encrypt are at risk in any way at this time, it should be cause for concern and may even warrant switching CA (certificate authorities) in the future.
Pete Prestipino
Pete Prestipino
Digital marketing executive with proven experience in all aspects of search engine optimization (SEO), performance-based advertising, consumer-generated/social media, email marketing, lead generation, Web design, usability, and analytics. - 20-year Internet marketing veteran, currently serving as the Digital Marketing Campaign Manager at Antenna Group (formerly Chicago Digital). - Former Editor-In-Chief of Website Magazine, and a regular speaker on Web technology digital marketing strategy - Author of several books on digital marketing Including Web 360: The Fundamentals of Web Success; Affiliate 360: The Fundamentals of Performance Marketing; Domains 360: The Fundamentals of Buying & Selling Domain Names, and SEO 360: The Fundamentals of Search Engine Optimization.