Have you ever tried to visit a web site and received a warning page that tells you about a problem with the web site's certificate?
Most of the time, this error indicates a rather benign problem. The SSL certificate could be expired or installed incorrectly. Typically, the web site owners will have the problem corrected in a short period.
Other times this error may indicate a more sinister motive. Your connection has been intercepted or the web server is misrepresenting its identity. Both scenarios indicate what is known as a man-in-the-middle attack (MITM). With this form of electronic eavesdropping, the attacker makes independent network connections believe that they are talking directly to each other over a private connection. If you receive a certificate error and choose to continue to the web site, an attacker can intercept, and possibly modify, all communications between your browser and the web server.
Although MITM attacks are rare, it is never wise to ignore certificate errors. A secure web site will always use SSL certificates. A really secure web site will also include off site passwords and multi-factor authentication.
Never ignore certificate errors. Once a hacker has intercepted your password, you will not get a second chance. It is always better to be safe than sorry!
James Bell
Sources:
About certificate errors
Microsoft
Man-in-the-middle attack
Wikipedia
Comments