Enjoy unlimited access to all forum features for FREE! Optional upgrade available for extra perks.
Domain summit 2024

Spoofing URLs With Unicode

Status
Not open for further replies.

Guest
From Slashdot:

Scientific American has an interesting article about how a pair of students at the Technion-Israel Institute of Technology registered "microsoft.com" with Verisign, using the Russian Cyrillic letters "c" and "o". Even though it is a completely different domain, the two display identically (the article uses the term "homograph"). The work was done for a paper in the Communications of the ACM (the paper itself is not online). The article characterizes attacks using this spoof as "scary, if not entirely probable," assuming that a hacker would have to first take over a page at another site. I disagree: sending out a mail message with the URL waiting to be clicked ("Bill Gates will send you ten dollars!") is just one alternate technique.

http://www.sciam.com/2002/0602issue/0602scicit5.html
 
Domain summit 2024

mole

DNF Addict
Legacy Exclusive Member
Joined
May 4, 2002
Messages
6,674
Reaction score
3
Feedback: 1 / 0 / 0
I just registered con.com :D
 

Nic

Level 6
Legacy Platinum Member
Joined
Apr 23, 2002
Messages
628
Reaction score
0
Feedback: 0 / 0 / 0
thats so dumb,
like anyone is actually going to type that in.
aslo it will not work for everyone. only people withthe specific language chars installed will be able to view/type it
 

mole

DNF Addict
Legacy Exclusive Member
Joined
May 4, 2002
Messages
6,674
Reaction score
3
Feedback: 1 / 0 / 0
Originally posted by brandon309
What was the website about? Convicts?

Like it says, con.com :D
 

mole

DNF Addict
Legacy Exclusive Member
Joined
May 4, 2002
Messages
6,674
Reaction score
3
Feedback: 1 / 0 / 0
Originally posted by Nic
thats so dumb,
like anyone is actually going to type that in.
aslo it will not work for everyone. only people withthe specific language chars installed will be able to view/type it

hrrmph..
 

Guest
Ïîõîæèå ñòðàíèöû
 

mole

DNF Addict
Legacy Exclusive Member
Joined
May 4, 2002
Messages
6,674
Reaction score
3
Feedback: 1 / 0 / 0
Wow, that fungus must be getting to you timechange. Have you seen a doctor?
 

NameBox

Level 5
Legacy Gold Member
Joined
Apr 29, 2002
Messages
334
Reaction score
0
Feedback: 0 / 0 / 0
You are correct timechange. The problem is not a mistaken key in, but a spoofed, logical looking hyperlink in an email. Has anyone forgotten the PayPal spoof email which originated in Russia.

People were sent spam directing them to click a hyperlink and amend or confirm their pasworlds, user information, credit card details etc.

The spoof was actually PAYPA1.com (nubmer one instead of an "L"), but is folled many, many people as PayPa1.com ... which in certain type faces was very deceiving ...

Crude, but very effective ...
 
Status
Not open for further replies.

The Rule #1

Do not insult any other member. Be polite and do business. Thank you!

Sedo - it.com Premiums

IT.com

Premium Members

AucDom
UKBackorder
Be a Squirrel
MariaBuy

New Threads

Our Mods' Businesses

Free QR Code Generator by MerchArts
UrlPick.com

*the exceptional businesses of our esteemed moderators

Top Bottom