retroremakes
January 4th, 2010, 12:05
http://cache.gawker.com/assets/images/4/2010/01/500x_scary-url-text.jpg (http://cache.gawker.com/assets/images/4/2010/01/scary-url-text.jpg)Unicode is great because it supports multiple languages simultaneously, bringing international understanding, universal peace, and planetary love. And so is ICANN's decision to allow domain names that use non-Latin alphabets. Until both combine to steal your credit card numbers.
Or your login name, passwords, address, or whatever other data a phishing site can get from you.
Until now, there was an easy way to test if a site was legit or not: You just look at the browser URL. If it's not paypal.com or amazon.com or whatever.com, then it's not those companies' web sites, no matter how well they clone their layout and graphics.
The problem will come in 2010. That's when sites' URLs would start popping in non-Latin alphabets like cyrillic. And that's when there will be cases of mistaken identity: Just check the image above, in which the russian word "raural" becomes "paypal." Can you see what this is going to be bring? Yes, unless someone comes up with rules soon, this will bring a big bag sports bag full of hurt. [Masable (http://mashable.com/2010/01/01/idn-phishing/)]
http://ads.pheedo.com/img.phdo?p=1 (http://ads.pheedo.com/click.phdo?p=1) http://a.rfihub.com/eus.gif?eui=2226 http://feedads.g.doubleclick.net/~a/H0Tvwpu-0tawwj_KFnUsBYF1S6k/0/di</img> (http://feedads.g.doubleclick.net/~a/H0Tvwpu-0tawwj_KFnUsBYF1S6k/0/da)
http://feedads.g.doubleclick.net/~a/H0Tvwpu-0tawwj_KFnUsBYF1S6k/1/di</img> (http://feedads.g.doubleclick.net/~a/H0Tvwpu-0tawwj_KFnUsBYF1S6k/1/da)
http://feeds.feedburner.com/~ff/gizmodo/full?d=H0mrP-F8Qgo</img> (http://feeds.gawker.com/~ff/gizmodo/full?a=5lWG2rA50Wk:Fh1is9sINY8:H0mrP-F8Qgo) http://feeds.feedburner.com/~ff/gizmodo/full?d=yIl2AUoC8zA</img> (http://feeds.gawker.com/~ff/gizmodo/full?a=5lWG2rA50Wk:Fh1is9sINY8:yIl2AUoC8zA) http://feeds.feedburner.com/~ff/gizmodo/full?i=5lWG2rA50Wk:Fh1is9sINY8:D7DqB2pKExk</img> (http://feeds.gawker.com/~ff/gizmodo/full?a=5lWG2rA50Wk:Fh1is9sINY8:D7DqB2pKExk) http://feeds.feedburner.com/~ff/gizmodo/full?i=5lWG2rA50Wk:Fh1is9sINY8:V_sGLiPBpWU</img> (http://feeds.gawker.com/~ff/gizmodo/full?a=5lWG2rA50Wk:Fh1is9sINY8:V_sGLiPBpWU)
http://feeds.feedburner.com/~r/gizmodo/full/~4/5lWG2rA50Wk
More... (http://feeds.gawker.com/~r/gizmodo/full/~3/5lWG2rA50Wk/how-non+latin-domain-names-could-be-used-to-steal-your-money)
Or your login name, passwords, address, or whatever other data a phishing site can get from you.
Until now, there was an easy way to test if a site was legit or not: You just look at the browser URL. If it's not paypal.com or amazon.com or whatever.com, then it's not those companies' web sites, no matter how well they clone their layout and graphics.
The problem will come in 2010. That's when sites' URLs would start popping in non-Latin alphabets like cyrillic. And that's when there will be cases of mistaken identity: Just check the image above, in which the russian word "raural" becomes "paypal." Can you see what this is going to be bring? Yes, unless someone comes up with rules soon, this will bring a big bag sports bag full of hurt. [Masable (http://mashable.com/2010/01/01/idn-phishing/)]
http://ads.pheedo.com/img.phdo?p=1 (http://ads.pheedo.com/click.phdo?p=1) http://a.rfihub.com/eus.gif?eui=2226 http://feedads.g.doubleclick.net/~a/H0Tvwpu-0tawwj_KFnUsBYF1S6k/0/di</img> (http://feedads.g.doubleclick.net/~a/H0Tvwpu-0tawwj_KFnUsBYF1S6k/0/da)
http://feedads.g.doubleclick.net/~a/H0Tvwpu-0tawwj_KFnUsBYF1S6k/1/di</img> (http://feedads.g.doubleclick.net/~a/H0Tvwpu-0tawwj_KFnUsBYF1S6k/1/da)
http://feeds.feedburner.com/~ff/gizmodo/full?d=H0mrP-F8Qgo</img> (http://feeds.gawker.com/~ff/gizmodo/full?a=5lWG2rA50Wk:Fh1is9sINY8:H0mrP-F8Qgo) http://feeds.feedburner.com/~ff/gizmodo/full?d=yIl2AUoC8zA</img> (http://feeds.gawker.com/~ff/gizmodo/full?a=5lWG2rA50Wk:Fh1is9sINY8:yIl2AUoC8zA) http://feeds.feedburner.com/~ff/gizmodo/full?i=5lWG2rA50Wk:Fh1is9sINY8:D7DqB2pKExk</img> (http://feeds.gawker.com/~ff/gizmodo/full?a=5lWG2rA50Wk:Fh1is9sINY8:D7DqB2pKExk) http://feeds.feedburner.com/~ff/gizmodo/full?i=5lWG2rA50Wk:Fh1is9sINY8:V_sGLiPBpWU</img> (http://feeds.gawker.com/~ff/gizmodo/full?a=5lWG2rA50Wk:Fh1is9sINY8:V_sGLiPBpWU)
http://feeds.feedburner.com/~r/gizmodo/full/~4/5lWG2rA50Wk
More... (http://feeds.gawker.com/~r/gizmodo/full/~3/5lWG2rA50Wk/how-non+latin-domain-names-could-be-used-to-steal-your-money)