What is phishing?
Phishing is the practice of trying to get private information such as usernames, passwords, credit card details, social security numbers, and more through the use of imposter emails and websites.
NextDNS provides blocklists that can protect against phishing attacks. All NextDNS blocklists are gathered from well known public sources, refreshed hourly and available on our Github.
From what I understand about Modern Phishing attacks is that they are man in the middle attacks where a server is setup up that can use a genuine and freely available certificate from the likes of Let Encrypt or other services and a Domain name that closely matches the real domain of the website it is trying to mimic and these servers then capture the unsuspecting users credentials and reports them home to the 'Bad Actor' who will then use them for whatever they want to or sell them on to other 'Bad Actors'. I believe these Phishing Servers can be setup in a few minutes and be easily setup to look just like a genuine website . Since the only evidence this it is not a genuine website is the misspelt Domain name you and even the little padlock symbol in your web browser that we have learnt to trust is not showing up any warning; you can understand why even experienced internet users can be a victim of a phishing attack . As I understand one of the possible defences to this phishing issue is to use TLS fingerprinting, which as I understand it is some method of matching the certificates, my question is does NextDNS provide TLS fingerprinting or is it developing a TLS fingerprinting Solution ?