Jump to content

Home

Domain Name Scamming!


Jan Gaarni

Recommended Posts

Earlier this week a notice was made, warning people about scammers and such.

 

You may think, well, what else is new. The net is filled with scammers.

 

Well, since after you were able to use national letters (in example norwegian æÆ, øØ, and åÅ) in the addressfield, the threat has increased significantly.

 

Everyone knows of the famous replacing the O with a 0 (zero), like MICR0S0FT.com, and abusing that to trick people.

It’s usually easy to spot it if you are awake and pay attention when clicking links.

 

But what happens when you no longer are able to recognise wether it is an a or an a?

 

Confusing?

Example: the Russian letters a, e, o, and y looks fairly similar to the latin a, e, o, and y. For us mortal people, this is pretty much impossible to spot. But in the computerworld (binary kode) the difference is obvious and both letters are treated as 2 different letters. Someone could make a fake PayPal site under the .com domain (and probably already have, so stay alert) and use the Russian a instead the propper a. They can then lure you into this website and, if you are particulary “unlucky”, scam you for your money.

 

Mozilla 1.7.5, Firefox 1.0, Konqueror 3.2.2 and Opera 7.54 have this problem, according to Secunia. Micrososft IE does not have this exact same problem, but are subject to other problems which has similar effect.

 

If you want to test if you are vunerable to this spoof, click here.

It should take you to a fake PayPal site created by Secunia if you are affected.

 

 

The easiest way to avoid this problem is to type in the address manually in the addressfield, rather than copy and paste, or clicking on a link from a mail informing you they have registered some inregularities on your account at for instance PayPal (I’ve received a couple of these already).

 

The other way is to disable the IDN feature on your browser.

How you do that you will have to go to your browsers own webpages to see if they have any solutions there.

For Firefox users (such as myself :) ), you can go here.

It’s only a temp solution as far as I understand.

 

I don’t really see how they can fix this though, unless national letters are banned again. :D

 

 

More links for info on this:

Secunia

The Register

The Schmoo Group

The Homograph Attack

IDN Permissible Code Point Problems

Link to comment
Share on other sites

If you are using IE without the propper extensions installed, then the link won't work.

 

But most other browsers are usually up-to-date with the current international situation. :)

 

I use Mozilla's Firefox, so I'm more prone to this than somone who only uses IE. But, it's all a matter of staying alert, and be sceptical about stuff, in particular, that comes via mail.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...