Monday, 29 May 2017 19:01

Phishing through homographs: Letters that look alike but lead you astray in some browsers

Retreived by
Rate this item
(0 votes)

When is an “a” not necessary the “a” you think it is? When a browser shows it as part of the URL in the location or smart-search field. Due to the late entry of non-Roman characters to domain names, a backwards-compatible method of representing them aids phishing.

Unicode allows the representation of nearly all the glyphs—characters, symbols, ideograms, script element, and more—that form the basis of language and other written subjects, like math and games, in use around the world. While the Unicode Consortium started its work decades ago, but it’s only in the last few years that it’s finally permeated operating systems, browsers, and apps to the point where you can almost rely on it working almost everywhere.

But the Domain Name System (DNS) that operating systems use to turn human-readable location and resource names into the numeric and other data needed to make a connection dates back even before Unicode. And because of its ubiquity, making any change could break compatibility for hundreds of millions of people and devices—maybe more. This is why some sensible improvements, like having a cryptographic component to a domain name that prevented its being spoofed by a party that didn’t own the domain, has still not been rolled out.

(The article continues...)

Phishing through homographs: Letters that look alike but lead you astray in some browsers published on
Read 181 times

SPEEDEE spends his day searching the internet for the information you need to better use your Mac, iPhone, iPad, Apple TV, Apple Watch and all else Apple.

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.