Similar URLs, Different Alphabets

You’ve probably trained your users about the importance of looking at the links they receive before they click them, if click they must. For example, the URL shown when they mouse over a link should match what they expect to see.

There is, however, a way the partially wary can still be tripped up. Homographic URLs, that is, URLs that look quite a bit like the legitimate ones they spoof, are being observed in the wild.

Farsight Security has reported how Internationalized Domain Names (IDNs) can use non-Latin characters from, say, the Greek or Cyrillic alphabets, to craft sites that impersonate URLs written in the more familiar Roman characters.

Spoofed sites make for more persuasive phishing. Thus a Cyrillic soft sign “ь,” for example, which looks at a glance like a sans-serif lower-case “b,” can be used to spell “faceьook,” which might fool the casual eyes of users normally alert to the URLs they follow.

Other examples are easy to come up with. Companies whose sites have been impersonated in this way include Apple, Adobe, Amazon, Bank of America, Cisco, Coinbase, Credit Suisse, eBay, Bittrex, Netflix, New York Times, Twitter, Walmart, Yahoo, Wikipedia, YouTube, and Yandex.

There are a few things you can do to protect your organization, like educating people about the risks of communications that ask them to “log in” and “verify your information.”

Any organization that interacts with a lot of people online is liable to be targeted by homographic impersonators. One bit of prevention you might consider to protect your customers: registering domains that are homographs of yours.

The most common source of homographs is the Cyrillic alphabet, but don’t neglect special characters found in many of the languages that use the basic Roman alphabet, either. Silicon has the story here:
http://www.silicon.co.uk/security/study-finds-top-sites-impersonated-international-characters-227423
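
As an added illustration (not code from the original article or from Farsight's research), the following Python sketch shows how a mail filter or proxy log review could surface hostnames like the “faceьook” spelling above. It takes the script from the first word of each character's Unicode name, which is a simplifying assumption, and the function names and sample hostnames are hypothetical.

```python
import unicodedata
from urllib.parse import urlsplit

def char_script(ch):
    # Approximation: the first word of the Unicode name is the script,
    # e.g. "CYRILLIC SMALL LETTER SOFT SIGN" -> "CYRILLIC".
    # Digits and hyphens are shared by every script.
    if not ch.isalpha():
        return "COMMON"
    return unicodedata.name(ch, "UNKNOWN").split()[0]

def decode_label(label):
    # Labels starting with "xn--" carry Punycode; recover what the user sees.
    if label.startswith("xn--"):
        try:
            return label[4:].encode("ascii").decode("punycode")
        except UnicodeError:
            return label
    return label

def classify_label(label):
    shown = decode_label(label.lower())
    scripts = {char_script(c) for c in shown} - {"COMMON"}
    if shown.isascii():
        verdict = "ascii"
    elif len(scripts) > 1:
        verdict = "mixed-script"                   # e.g. Latin plus Cyrillic
    elif scripts == {"LATIN"}:
        verdict = "latin-with-special-characters"  # accented look-alikes
    else:
        verdict = "single-script-non-latin"        # may be legitimate; review
    # The ASCII form that actually appears in DNS and in many logs.
    wire = shown if shown.isascii() else "xn--" + shown.encode("punycode").decode("ascii")
    return {"shown": shown, "wire": wire, "scripts": sorted(scripts), "verdict": verdict}

def inspect_url(url):
    # Accepts a full URL or a bare hostname; returns one finding per label.
    host = urlsplit(url if "://" in url else "//" + url).hostname or ""
    return [classify_label(label) for label in host.split(".") if label]

if __name__ == "__main__":
    # Constructed samples; the first uses the spelling quoted in the article.
    for sample in ["https://faceьook.com/login", "https://example.com/", "exämple.com"]:
        for finding in inspect_url(sample):
            print(sample, finding)
```

A whole label written in one non-Latin script is reported separately because it can be a legitimate IDN, so that verdict is a prompt for review, not a block decision.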


