Digital Certificates

Much like a fake ATM machine, an unethical hacker could use technology to direct a user to a false web site when they are thinking they are going to a trusted website, even if they are using SSL. When typing in https://, Internet Explorer 6 (IE6) will pop-up a dialog when it encounters a digital certificate that it doesn’t trust (i.e., a potential fake ATM machine) as shown in Figure 11:

Figure 11 - IE6 Security Alert

In many cases, a user may just click “Yes” without realizing what they are doing (as we did before) and then provide the unethical hacker with a lot of information – like their credit card number and billing address. After all, it really seems like just an annoying dialog. Luckily, the Internet Explorer 7 (IE7) experience is different in a profound way. Here is an example of IE7:

9