Comodo issued a SSL cert to a malicious phishing website

You as a CA are liable for damages. Please revoke the HTTPS certificate ASAP to this site. It is a phishing site for google accounts.

Site is . If you go there now it just redirects to

You will only see phishing when you go to specific links such as this:

For more information please look at this reddit post:


Why would Comodo be liable for a certificate issued by GeoTrust?

Clicking on the padlock, after it redirects to the zoho website shows a domain validated certificate issued by GeoTrust.

Maybe you should have checked this before posting on the Comodo forum.


Comodo has issued the certificate for

Fair enough… So both Comodo and GeoTrust not validating deep enough on the Domain Validated certificates. :-\

You do realise, “validating” a certificate for only proves that it was issued to

If that happens to be a phishing site, “you are liable for damages” is a bit of a stretch. You could get an EV certificate for a malware site with any supplier anywhere if you used a legitimate business name to do so.