In their never-ending pursuit to evade spam filters, malevolent mailers have deployed a number of techniques to obfuscate their true intent. One of those techniques is using facsimiles of legitimate brand names in Web addresses to redirect victims to outlaw Internet sites where the scammers can work their mischief on their targets, a practice called […]
Sun awarded patent to detect spoofed domains and send web users to intended domain name. Sun Microsystems (NASDAQ: JAVA) has been awarded U.S. patent 7,559,085 for “Detection for deceptively similar domain names”. The patent was filed in 2004 and awarded today. The system includes a number of methods for detecting that someone is accessing a […]
Aside from the frightening SSL stuff, Moxie Marlinspike stirred up some good interest in Internationalized Domain Names at Black Hat in DC with his domain lookalike attack. Since I’ve been studying the topic for a while, I wanted to point out some things about IDN people may want to know. At CanSecWest and SOURCE Boston […]
Internationalized Resource Identifiers (IRI’s) are a new take on the old URI (Uniform Resource Identifier), which through RFC 3986 restricted domain names to a subset of ASCII characters – mainly lower and upper case letters, numbers, and some punctuation. IRI’s were forecasted many years ago by Martin Dürst and Michel Suignard, and formalized in RFC […]
More on lookalikes, confusables, IDN homograph attacks, and other fun stuff, continued from the previous post.
Mixed-script confusables
These occur when letters from one alphabet or script, are used to give the same visual appearance as letters from a completely different script. For example, the following words contain a mix of Latin and Cyrillic letters […]
By the technique, that the homograph-Attack is named, become sites made with a domain name in which not-English characters prevent. An example of this is www.pаypal.com. In the address beam appeared usual paypal. com, but in reality ends up the internal pus on a site of a swindler. Swindlers can for instance also a known […]
Domain name spoofing works by exploiting the visual resemblance, or near- resemblance, of certain characters and symbols. ICANN is concerned about the potential exacerbation of domain name spoofing as IDNs become more widespread, and is equally concerned about the implementation of countermeasures that may unnecessarily restrict the use and availability of IDNs. ICANN’s public comment […]
With normal spoofing a scammer tries to get personal information by sending fraudulent emails masquerading as an official website an individual might be working with. While some fall for the deception, many know better since the domain name in the email doesn’t resemble the domain name they usually use to access whatever site. However, what […]
