The Internationalized Domain Name (Idn) Homograph Attack Explained

Computer security threats manifest in myriad ways and the internationalized domain name (IDN) homograph attack is one such nagging problem.

Unscrupulous individuals are always willing to go to greater lengths to compromise your system, privacy or personal resources. And in this type of attacks your security is undermined by attempting to deceive you on the basis of multilingual computers character similarities.

Multilingual computers highlight this problem in that a Cyrillic (an alphabet for homoglyphs) letter ‘p’ stands for phoneme identical to the English letter ‘r’, and the glyph in turn actually shows the letter ‘p’ in the Latin language and this is very much so with the majority of fonts, and this lack of differences is evident in many cases.

Such homograph anomalies presents dubious characters with the opportunity to strike using domain names resembling those of high value targets such as PayPal and others.

The attacker can register domain name by taking advantage of the above in this format – PayPayI.com and this has a deadly illusional effect when displayed in certain fonts – another example is that of RNOZILLA.ORG which could similarly be used to exploit, mozilla.org.

It is therefore important to stay vigilant particularly when visiting high value sites, phishers and others employ this method to catch you when you least expect it. By registering a domain name that resembles the original one and adjusting some of the letters homographically.

The implications of it all is that, this simple but effective deception is difficult to distinguish, in terms of irregularities between the legitimate site and phishers snare. In the end your sensitive authentication details are happily harvested by the phisher, who in many circumstances will still direct the stolen traffic to the original web site without you noticing it.

Solutions to this scourge have been included in Opera version 9.10, Firefox 2.0 and Internet Explorer 7 which entail the use of phishing filters that inform you when you unwittingly arrive at a lion’s den.

Additionally, colors have been suggested as another form of counter measures against the attacks, this is done by employing various color schemes in relation to the character groups. In this way it becomes difficult for an attacker to use font illusion tactics as the URL characters turn out in a highly detectable fashion, either in e-mail messages or on your browser.

Languages that are often used in this technique also include Greek, this is due to its letters turning out like Latin ones when the characters are displayed in lower case or capital, etc. But fortunately this is not the case with languages such as Armenia and Hebrew, the manipulative options are limited.

 

Facebook
Twitter
Pinterest