
Phishing with Unicode Domains


Forkish


Found this on Lobste.rs:

https://www.xudongz.com/blog/2017/idn-phishing/

A nugget

 

Punycode makes it possible to register domains with foreign characters. It works by converting individual domain label to an alternative format using only ASCII characters. For example, the domain "xn--s7y.co" is equivalent to "短.co".

From a security perspective, Unicode domains can be problematic because many Unicode characters are difficult to distinguish from common ASCII characters. It is possible to register domains such as "xn--pple-43d.com", which is equivalent to "аpple.com". It may not be obvious at first glance, but "аpple.com" uses the Cyrillic "а" (U+0430) rather than the ASCII "a" (U+0041). This is known as a homograph attack.

Chrome was the only browser on my iPhone that gave me an apple.com URL. Might be an interesting thing to use on the pineapple if possible.

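The Punycode decoding and lookalike problem quoted above can be checked mechanically. This is an added example, not part of the original posts or the linked article: it decodes `xn--` labels and flags labels that mix scripts or collapse to plain ASCII. The `LOOKALIKES` table and the function names are assumptions made for illustration, and script detection from Unicode character names is a heuristic.

```python
import unicodedata

# Constructed subset of Cyrillic letters that render like ASCII letters.
# A production check would use the full Unicode confusables data (UTS #39).
LOOKALIKES = {"\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
              "\u0441": "c", "\u0445": "x", "\u0443": "y"}


def decode_label(label):
    """Return the Unicode form of one DNS label, decoding 'xn--' Punycode."""
    if label.startswith("xn--"):
        try:
            return label[4:].encode("ascii").decode("punycode")
        except UnicodeError:
            return label  # malformed Punycode: keep the raw label
    return label


def scripts(text):
    """Approximate the scripts used, from the first word of each char name."""
    found = set()
    for ch in text:
        if ch.isdigit() or ch == "-":
            continue  # digits and hyphens are shared by all scripts
        found.add(unicodedata.name(ch, "UNKNOWN").split()[0])
    return found


def check_host(host):
    """Return (decoded_host, findings) for a hostname as typed or logged."""
    labels = [decode_label(part) for part in host.lower().split(".")]
    findings = []
    for label in labels:
        if label.isascii():
            continue
        used = scripts(label)
        if len(used) > 1:
            findings.append(f"mixed scripts in {label!r}: {sorted(used)}")
        # Replace known lookalikes; a pure-ASCII result means the label
        # is visually equivalent to an ASCII name.
        skeleton = "".join(LOOKALIKES.get(ch, ch) for ch in label)
        if skeleton.isascii():
            findings.append(f"{label!r} renders like ASCII {skeleton!r}")
    return ".".join(labels), findings


if __name__ == "__main__":
    for name in ("xn--pple-43d.com", "xn--s7y.co", "apple.com"):
        print(name, "->", check_host(name))
```

The legitimate single-script label in `xn--s7y.co` produces no findings, while `xn--pple-43d.com` is reported both for mixing Cyrillic with Latin and for rendering like `apple`.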

Found it at ycombinator apparently:

https://news.ycombinator.com/item?id=14130241

Also found these which may be of relevance:

https://news.ycombinator.com/item?id=14132066

https://news.ycombinator.com/item?id=14119713

 

I only ever link click so I don't know if these are replies to the main one or how that works there but looks like a good toilet read.


I had posted a link about this on Twitter; there are ways to block these phishing sites. FF has an about:config setting, while for Opera and Chrome you need an extension to warn you.

 


6 hours ago, digip said:

I had posted a link about this on Twitter; there are ways to block these phishing sites. FF has an about:config setting, while for Opera and Chrome you need an extension to warn you.

 

Thanks for the Chrome heads up
