Domain name sytem offers back door to criminals

Phishers could hijack new domain name system

Written by Dinah Greek

Computeractive, 07 Mar 2005

A recently approved system that allows countries to create web addresses using a mixture of European and non-European languages could open a back door for scammers warned the UK Internet Forum (UKIF).

People are directed to websites by the real name rather than as websies internet protocol address, which is a series of numbers. European languages use what are called ASCII codes to create 'real name' web addresses and other languages such as Russian, Greek or Chinese use a code called Unicode. The Internationalised Domain Names (IDN) system now combines these.

The problem for consumers is some of the letters in the alphabets that use Unicode is they resemble those used in European alphabets. The worry is criminals will use a mixture of these codes to register websites that look like those that belong to legitimate companies and direct users to the fake sites. Steve Dyer, director of UKIF told Compueractive there were reals concerns about misuse of this by criminals. "The Russian 'A' looks just the same as the English 'A' although it means something different. A criminal could register a domain name using a mixture of ASCII and Unicode that is indistinguishable to the ordinary surfer from the genuine site.

"To prove a point, the website PayPal was created using a mixture of the European and Russian alphabet. People were directed to a fake site and phishers can steal personal details. This site was handed over to PayPal but shows how dangerous this could become",he said.

But the IDN system can't just be binned he warned as other countries genuinely need a way to write 'real names' for their websites because it is easier for people to use. He also said some legitimate sites, such as More Than (More>) and Toys R Us use non-European letters to denote their brand.

Mr Dyer said the internet industry must be more aware of the risks.

But he believed there are safeguards that could alert internet users. Browsers for example could flag up sites that use a mixture of ASCII and Unicode and he said Opera believe it has safeguards and Mozilla is working on a solution.

Tags:

reader comments

related articles

New domains cause wrangles

New domains irk analysts 14 Apr 2005

 
Phishing

Phishers launch Monster attack on job seekers

Scam targets users of recruitment site 15 Jul 2008

Communications

Chinese scammers adopt search engine optimisation

Google and Baidu hit in lottery phone scam 05 Sep 2008

OFT

OFT launches scam awareness month

Fraudsters eager to take advantage of the economic downturn 02 Feb 2009

related whitepapers

today's top stories

Ecommerce

What does Windows 7 mean for Microsoft?

With the sting of Vista still fresh, Redmond has to make next Windows work 10 Jul 2009

Management

A smarter way to use BI

Getting the most from business intelligence systems requires not only careful management on the part of IT leaders, but also the committed involvement of decision-makers across the organisation 08 Jul 2009

Mainstream Matters

The truth behind the Google/Microsoft/NHS rumours

Before Monday 6 July, did you know that Google and Microsoft had services for storing health records? Thanks to an article in... 10 Jul 2009

Management

Quenching a thirst for IT modernisation

A substantial restructure at soft drink supplier Nichols -­ purveyor of Vimto - ­led the company to update its software to Sage 1000 to replace its in-house application. This resulted in the streamlining of the IT department and an opportunity to customise the system 08 Jul 2009

Management

How Satyam cleaned up its act

Chief executive CP Gurnani tells Angelica Mari why Tech Mahindra opted to keep the Satyam brand after it bought the scandal-hit services firm, and explains what the deal means for existing and prospective customers 09 Jul 2009

> More news

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

More available - click 'submit' to view

Existing User

Newsletter user login:

Advertisement

Jobs

Related jobs

Job of the week

> More IT vacancies

Job alerts

  • Latest jobs to your inbox
Sign up here

Find your next job

IT Salary Checker

  • Are you being paid what you are worth?
Check salary here

Advertisement

White papers

Search white papers

Top categories

VPN, Extranet and Intranet Solutions

WAN/ LAN Solutions

Network Security

Interoperability-Connectivity

Grid/ Utility Computing

Latest poll

Will Google Chrome OS be a genuine alternative to Windows?

Will Google Chrome OS be a genuine alternative to Windows?

Tell us your views on the new operating system rivalry

View poll results

> More polls

Latest audio and video articles

network cablesVideo

How to maximise the value of your IT networking investment

A panel of experts discuss networking strategies that deliver real value to business 03 Jul 2009

green footprintsVideo

How to manage enterprise energy use - and the role IT can play

A panel of experts explore how firms can get to grips with their carbon footprint and make smarter use of energy 01 Jul 2009

> More audio and video

Latest in-depth articles

Google ChromeAnalysis

Lack of enterprise appeal takes shine off Chrome OS

Enterprise buyers unlikely to ditch Windows for Chrome OS in the near term, say experts 09 Jul 2009

Satyam CEO CP GurnaniNews

How Satyam cleaned up its act

Chief executive CP Gurnani tells Angelica Mari why Tech Mahindra opted to keep the Satyam brand after it bought the scandal-hit services firm, and explains what the deal means for existing and prospective customers 09 Jul 2009

> More in depth articles

Advertisement

Primary Navigation