VeriSign Inc., the company responsible for assuring that more than half the world's websites are authentic, was hacked multiple times in 2010, and the thieves succeeded in stealing information, reports Christopher Maag in Credit.com
When users click on a website, or on a hyperlink that would carry them to a website, their browser automatically checks the site's security certificate to make sure that it's authentic. If there's a problem with the certificate, the browser may present a warning screen advising the user of possible security threats, or it may block access altogether.
If hackers gain access to those certificates however, they can make their own copy that looks exactly like the real thing. That would enable them to run a virtually fool-proof phishing scheme, diverting users to a fake website in order to steal account passwords, Social Security numbers and other valuable private data.