Globalized Domains – Will we see more tricks from Phishers and Spammers?

Posted by Minal Pithia

Mon, Dec 21, 2009

Marshall McLuhan's 1962 prediction of the "global village" is manifested today in the form of the internet, a self-governing community without borders involving the integration of different cultures.  Worldwide communication is instantaneous and the internet is becoming more global and accessible. Did you know that the first official domain name in non-Latin characters will appear in 2010?  The Bulgarian government is one of the first to register internet domains in Cyrillic. It will be interesting to see the impact this will have on the internet.

Recently, the Internet Corporation for Assigned Names and Numbers (ICANN) approved a fast-track process for implementing non-Latin domain names by early to mid 2010. As Latin characters dominated the internet, a switch to non-Latin characters will allow people from all over the world to register domains in Arabic, Mandarin, Japanese and Russian to name a few. With this new implementation it may become problematic in controlling spammers and phishers. Peter Wood, member of ISACA's Conference Committee and founder of First Base Technologies states, "While we understand the interest in expanding the ICANNcharacters offered in other languages, we are concerned that an increase in web site characters could lead to greater security risks and consumer fraud," As, most modern scripts have a similarity to Cyrillic scripts, many experts predict an increase in spoof URL's that confuse users into distinguishing a fraudulent site from an authentic one. For example, here is a list of characters in Cyrillic that look like Latin characters: y, k, e, x, b, a, p, o, c and g. Characters that look alike are known as homographs. The scope for homograph attacks widens, as IDN's allow for the use of full Unicode character set. One could see the implications of this as it's possible to create domains like "bank" using the lower case Cyrillic ‘a'.

There is a defense mechanism for this; Firefox has an add-on which "Puts a little flag in the status bar that tells you whether you are visiting a Traditional Domain Name (green TDN) or an International Domain Name (UN-blue IDN with translation to Punycode)". It is also important to educate yourself about various phishing attacks and to never click on suspicious links in an email. When in doubt, it would be good to get into the habit of typing URL's directly into browsers.

The borderless world of the internet provides many oppoInternet reputation managementrtunities for companies to create a global online presence.  The introduction of IDN's increases the potential for more online business, since it allows companies to effectively target larger audiences and widen their scope on the internet.  Protecting brands and reputation online has never been more important than it is today, in the ever evolving world of the internet.

 

Get Our Latest Posts Automatically via Email

Topics: ICANN, phishing scams, globalized domains

Subscribe to our weekly CyberThreat Digest

Each week, our Cyber Threat Analyst team prepares a digest of the latest cyber threat news and alerts. Subscribe today and begin receiving it on Monday.

 Get the Weekly CyberDigest

 

Subscribe to receive a weekly summary of our latest posts

Recent Posts

Posts by Topic

see all