
June 12, 2004

How To Make A Phish Look Real

Here's an interesting -- and troubling -- variation on the phishing scam: using a domain name that looks country-specific to make a phishing link look real.

The problem for phishers has always been to conceal the fact that the link victims are asked to click on takes them to a website address that looks dodgy -- either the URL clearly does not belong to the company the phishing email claims to be from, or the link has to be so heavily disguised in the email that the victim doesn't get suspicious. Phishers have tried registering real-sounding domain names (www.securepayeee.com, or somesuch) to get around this, but it's not easy to come up with names that aren't taken, and nowadays unless the name has paypal or ebay or citibank somewhere in the URL, victims are not going to be fooled. Hence this new twist:

The phishing email in question is the same as any other PayPal phish - "We recently reviewed your account, and suspect that your PayPal account may have been accessed by an unauthorized third party." But the link victims are expected to click on, displayed as https://www.paypal.com/cgi-bin/webscr?cmd=_fraud-check&limited_access=1086452724, actually resolves to www.paypal.de.com, which looks credible as a legitimate PayPal website in Germany.

De.com is actually owned by CentralNic Ltd, a private London-based domain name registry, which also owns US.COM, EU.COM, UK.COM, CN.COM, RU.COM, and twelve others that "represent the world's most populated countries." According to eNom, Inc, one of the Internet's accredited registrars, which issued the country-specific domains, "there are no restrictions or rules when registering these domains, unlike other domains which require you to be a citizen of the country in order to make a purchase."

In other words, easy pickings for phishers. And of course, this means that anti-phishing devices such as SpoofStick, which look at the underlying domain name to gauge whether a website is fraudulent or not, are not going to be much help here, because they would only show the domain to be de.com, which doesn't sound phishy enough to deter anyone but the most alert user.
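To make the two points above concrete (the displayed paypal.com link that really points at paypal.de.com, and why a SpoofStick-style "last two labels" view reports only de.com), here is an added example, not code from the post or from SpoofStick. It extracts each link's visible text and real href from an HTML email and compares their registrable domains using a constructed public-suffix excerpt in which de.com and its CentralNic siblings are suffixes rather than sites; the sample email is constructed from the post's quoted URL.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed public-suffix excerpt (a real check loads the full Public Suffix List);
# de.com and its siblings are the CentralNic names the post cites, so they count as suffixes.
SUFFIXES = {"com", "de", "de.com", "us.com", "eu.com", "uk.com", "cn.com", "ru.com"}

def naive_domain(host):
    """SpoofStick-style view: the last two labels, so www.paypal.de.com -> de.com."""
    return ".".join(host.lower().split(".")[-2:])

def registrable_domain(host, suffixes=SUFFIXES):
    """Longest matching suffix plus one label, so www.paypal.de.com -> paypal.de.com."""
    labels = host.lower().split(".")
    for i in range(len(labels)):
        if ".".join(labels[i:]) in suffixes:
            return ".".join(labels[i - 1:]) if i > 0 else None  # None: host is a bare suffix
    return None  # unknown suffix: do not guess

class LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs from an HTML email body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def audit_links(html):
    """Flag links whose visible URL and real target have different registrable domains."""
    parser = LinkExtractor()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        shown = urlparse(text).hostname if "://" in text else None  # only when the text is a URL
        target = urlparse(href).hostname or ""
        reg_shown, reg_target = registrable_domain(shown or ""), registrable_domain(target)
        findings.append({"shown": shown, "target": target,
                         "naive_target": naive_domain(target),  # what a two-label check reports
                         "registrable_target": reg_target,
                         "mismatch": shown is not None and reg_shown != reg_target})
    return findings

# Constructed sample modelled on the post's PayPal phish: the anchor text is the paypal.com
# URL quoted in the post, the href is the www.paypal.de.com host the post says it resolves to.
SAMPLE_EMAIL = ('<p>We recently reviewed your account ... <a href="http://www.paypal.de.com/">'
                'https://www.paypal.com/cgi-bin/webscr?cmd=_fraud-check&amp;limited_access=1086452724</a></p>')
```

Running `audit_links(SAMPLE_EMAIL)` reports `naive_target` as de.com but `registrable_target` as paypal.de.com, and flags the link as a mismatch against the displayed paypal.com.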

My tuppence worth: Domain registrars must take on some of the responsibility for these registrations. It's not acceptable to just let anyone register a paypal domain and say it's not your business. Secondly, anti-phishing devices must make clear they can't guard against every phishing attack.
