As users become more aware of phishing and data theft, they become more cautious. Unfortunately as users become more cautious, attackers must become more devious. In a recent discovery, we found a phishing website that had been issued a valid SSL Certificate. SSL Certificates are small data files that activate the HTTPS protocol and allows secure connections between a web browser and a web server. Most users don’t realize that there are actually different levels of security when it comes to SSL certificates.