Assistance to Remove/Disable SSL Service from Hacked/Hijacked Loan Broker Website

I have a client whose website's HTML frame has been duplicated and hijacked by scammers overseas.

Their original website is loansandbeyond.com.au

The hijackers have registered loanandbeyond.com and are attempting to scam people applying for loan applications to deposit a fee to cover insurance of a fake unsecured loan.

Let's Encrypt provided the hackers with an SSL certificate, allowing them to pose as secured and legitimate.

This needs to be disabled or removed, reported ASAP.

If there is any way to extract logs or IP addresses or phone numbers of who purchased the certificate, that would be of great help to local authorities here in Australia.

Thank you.
Angus S.
Network Systems Engineer
Brisbane, QLD, AUSTRALIA

There are better venues to achieve what you are looking for.

Also, please use backticks around unsafe links.

5 Likes

To add to Giuseppe's links: people on this forum will suggest that you update your understanding of the function of TLS certificates. They are not, and never were, the indicator of legitimacy. They only ever prove that the entity behind the webserver (or any other TLS-enabled service) has proved that they have control over the domain.

So you may as well have a very secure connection with Satan himself.

If you want to change that—I would suggest raising the issue at CA/B Forum. But I wouldn't hold your breath for this needle to move.

5 Likes
