Posts Tagged ‘IDN spoofing’

Scamsters use URL spoofs to evade spam filters

In their never-ending pursuit to evade spam filters, malevolent mailers have deployed a number of techniques to obfuscate their true intent. One of those techniques is using facsimiles of legitimate brand names in Web addresses to redirect victims to outlaw Internet sites where the scammers can work their mischief on their targets, a practice called […]

Sun Microsystems Awarded Patent for Detecting Spoofed Domain Names

Sun awarded patent to detect spoofed domains and send web users to intended domain name. Sun Microsystems (NASDAQ: JAVA) has been awarded U.S. patent 7,559,085 for “Detection for deceptively similar domain names”. The patent was filed in 2004 and awarded today. The system includes a number of methods for detecting that someone is accessing a […]

Chris Weber: The current state of IDN homograph spoofing in 2009

Aside from the frightening SSL stuff, Moxie Marlinspike stirred up some good interest in Internationalized Domain Names at Black Hat in DC with his domain lookalike attack. Since I’ve been studying the topic for a while, I wanted to point out some things about IDN people may want to know. At CanSecWest and SOURCE Boston […]

Chris Weber: Unicode attacks and test cases: IDN and IRI display, normalization and anti-spoofing

Internationalized Resource Identifiers (IRI’s) are a new take on the old URI (Uniform Resource Identifier), which through RFC 3986 restricted domain names to a subset of ASCII characters – mainly lower and upper case letters, numbers, and some punctuation. IRI’s were forecasted many years ago by Martin Dürst and Michel Suignard, and formalized in RFC […]

Chris Weber: Unicode attacks and test cases – Visual Spoofing, IDN homograph attacks, and the Mixed Script Confusables

More on lookalikes, confusables, IDN homograph attacks, and other fun stuff, continued from the previous post.
Mixed-script confusables
These occur when letters from one alphabet or script, are used to give the same visual appearance as letters from a completely different script.  For example, the following words contain a mix of Latin and Cyrillic letters […]

Spoofing possible thanks to particular characters

By the technique, that the homograph-Attack is named, become sites made with a domain name in which not-English characters prevent. An example of this is www.pа In the address beam appeared usual paypal. com, but in reality ends up the internal pus on a site of a swindler. Swindlers can for instance also a known […]

ICANN: IDN Spoofing Concerns

Domain name spoofing works by exploiting the visual resemblance, or near- resemblance, of certain characters and symbols. ICANN is concerned about the potential exacerbation of domain name spoofing as IDNs become more widespread, and is equally concerned about the implementation of countermeasures that may unnecessarily restrict the use and availability of IDNs. ICANN’s public comment […]

Internationalized Domain Names and Homograph Attacks

With normal spoofing a scammer tries to get personal information by sending fraudulent emails masquerading as an official website an individual might be working with. While some fall for the deception, many know better since the domain name in the email doesn’t resemble the domain name they usually use to access whatever site. However, what […]