Globalized Domains – Will we see more tricks from Phishers and Spammers?

Posted by Minal Pithia on Mon, Dec 21, 2009
Marshall McLuhan's 1962 prediction of the "global village" is manifested today in the form of the internet, a self-governing community without borders involving the integration of different cultures.  Worldwide communication is instantaneous and the internet is becoming more global and accessible. Did you know that the first official domain name in non-Latin characters will appear in 2010?  The Bulgarian government is one of the first to register internet domains in Cyrillic. It will be interesting to see the impact this will have on the internet.

Recently, the Internet Corporation for Assigned Names and Numbers (ICANN) approved a fast-track process for implementing non-Latin domain names by early to mid 2010. As Latin characters dominated the internet, a switch to non-Latin characters will allow people from all over the world to register domains in Arabic, Mandarin, Japanese and Russian to name a few. With this new implementation it may become problematic in controlling spammers and phishers. Peter Wood, member of ISACA's Conference Committee and founder of First Base Technologies states, "While we understand the interest in expanding the characters offered in other languages, we are concerned that an increase in web site characters could lead to greater security risks and consumer fraud," As, most modern scripts have a similarity to Cyrillic scripts, many experts predict an increase in spoof URL's that confuse users into distinguishing a fraudulent site from an authentic one. For example, here is a list of characters in Cyrillic that look like Latin characters: y, k, e, x, b, a, p, o, c and g. Characters that look alike are known as homographs. The scope for homograph attacks widens, as IDN's allow for the use of full Unicode character set. One could see the implications of this as it's possible to create domains like "bank" using the lower case Cyrillic ‘a'.

Read More

Topics: ICANN, phishing scams, globalized domains

Subscribe to Email Updates

Recent Posts

Posts by Topic

see all