IDN Homograph Attack and Phishing
1. Introduction
“The weakest ring of the chain in cyber security is human.”
Internationalized Domain Names (IDNs) allow people around the world to use domain names
in their local languages, written with the letters of their own alphabets. IDNs can contain
characters from different scripts, such as Arabic, Chinese or Cyrillic; in short, this is what
allows a domain name to be spoofed. IDNs are encoded according to the Unicode standard and
are used as permitted by the corresponding IDN protocols.
2. IDN Homograph Attack
In some cases the attacker relies on simple deception, exploiting how the victim perceives a
domain address during social engineering, and substitutes look-alike letters or digits in the
domain name. For instance:
Figure 1
As can be seen in Figure 1, the attacker has used the digit "0" in place of the letter "o".
A more realistic example is the IDN homograph attack, in which an attacker forms one or more
fake domain addresses for social engineering by using at least one look-alike character from a
different script. For example, the Greek lowercase letter omicron (U+03BF) and the Latin
lowercase letter "o" (U+006F) look almost identical and are difficult to tell apart.
Figure 2
As Figure 2 shows, the two characters are visually almost indistinguishable.
Figure 3
Figure 3 shows the difference between the two URLs.
Figure 4
Figure 4 demonstrates a fake IDN homograph link delivered via WhatsApp. Unfortunately, the
domain name is displayed in its Unicode form rather than as Punycode; many apps still render
IDN characters this way, which makes this an effective social engineering vector, especially
on mobile devices.
For instance, suppose we have a bank whose main domain is www.aslanbank.com. Using the IDN
characters listed at https://www.unicode.org/reports/tr36/idn-chars.html, it is possible to
form look-alike domain addresses. I prefer to use the first letter of the Greek alphabet,
alpha (α), instead of a, which gives the new domain www.αslanbank.com.
Figure 5
Normally, because of the alpha, the domain is converted into www.xn--slanbank-d9f.com, as
Figure 5 demonstrates. This makes it an ideal method for phishing and other social
engineering attacks.
An interesting point: when I checked the domain names of popular social media platforms,
apps and the biggest banks against the IDN character tables, many of the look-alike IDNs were
still available to buy. The domain prices are very low, so for attackers this is undoubtedly
an attractive way to achieve high phishing success rates.
3. Real-World Cases
Figure 6
As can be seen in Figure 6, the "l" in apple.com has been replaced with "ı" (dotless i).
Figure 7
Figure 7 shows IDN look-alike conversions of large companies' websites.
4. Conclusion
Browsers such as Google Chrome try to protect users from IDN homograph attacks through
display policies. It is therefore important to keep browsers up to date and to configure the
relevant options.
The URLs below give more detail on the Chrome and Mozilla IDN display algorithms and
policies.
https://wiki.mozilla.org/IDN_Display_Algorithm
https://www.chromium.org/developers/design-documents/idn-in-google-chrome#TOC-Google-Chrome-s-IDN-policy
However, this protects only end users; for large commercial companies it is not a solution in itself.
Figure 8
Therefore, considering the IDN character combinations possible for each letter, large
companies should register the possible IDNs before attackers do. Small and medium-sized
companies can instead generate every IDN variant of their main domain addresses and add them
to their blacklist.
For instance, for the aslanbank.com example there are more than 100 IDN possibilities. To
protect customers it is more sensible to buy these possible IDNs, and for the remaining
possibilities, such as subdomains, to add them to the blacklist and report them as spam. The
generation of the possible IDNs is therefore the key element in defending large commercial
companies' customers against the homograph attack.
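The Punycode conversion shown in section 2 for www.αslanbank.com and the defensive generation of a brand's own IDN variants recommended in the conclusion, as an added Python example that is not part of the original slides. It uses only the standard library idna codec; the confusables table is a constructed subset of the Unicode lists, and the hostnames are constructed from the slides' examples.

```python
"""Defensive IDN homograph helpers: Punycode conversion, look-alike detection and
variant generation for a brand's own domain (added example, not from the slides)."""
import unicodedata

# Constructed subset of look-alike pairs (fake character -> Latin letter it
# imitates).  Complete lists: Unicode UTS #39 confusables and the UTR #36
# idn-chars table cited in the slides.
CONFUSABLES = {
    "\u03b1": "a",  # GREEK SMALL LETTER ALPHA (the slides' www.αslanbank.com)
    "\u0430": "a",  # CYRILLIC SMALL LETTER A
    "\u03bf": "o",  # GREEK SMALL LETTER OMICRON (U+03BF vs Latin o, U+006F)
    "\u043e": "o",  # CYRILLIC SMALL LETTER O
    "\u0131": "l",  # LATIN SMALL LETTER DOTLESS I (the apple.com case, Figure 6)
    "\u0456": "i",  # CYRILLIC SMALL LETTER BYELORUSSIAN-UKRAINIAN I
    "\u0435": "e",  # CYRILLIC SMALL LETTER IE
    "\u0440": "p",  # CYRILLIC SMALL LETTER ER
    "\u0441": "c",  # CYRILLIC SMALL LETTER ES
    "0": "o",       # digit zero standing in for o (Figure 1)
    "1": "l",       # digit one standing in for l
}


def to_ascii(hostname: str) -> str:
    """Unicode hostname -> ACE form with xn-- Punycode labels (IDNA 2003 codec)."""
    return hostname.encode("idna").decode("ascii")


def to_unicode(hostname: str) -> str:
    """ACE hostname -> Unicode form, as an app that renders IDN displays it."""
    return hostname.encode("ascii").decode("idna")


def skeleton(unicode_host: str) -> str:
    """Fold every confusable onto the Latin letter it imitates, so a look-alike
    collapses onto the brand domain it is impersonating."""
    host = unicodedata.normalize("NFKC", unicode_host.lower())
    return "".join(CONFUSABLES.get(ch, ch) for ch in host)


def scripts_in(unicode_host: str) -> set:
    """Scripts used by the letters of a hostname, taken from the first word of
    each character's Unicode name (LATIN, GREEK, CYRILLIC, ...)."""
    found = set()
    for ch in unicode_host:
        if ch in ".-" or ch.isdigit():
            continue
        name = unicodedata.name(ch, "")
        found.add(name.split(" ")[0] if name else "UNKNOWN")
    return found


def check_hostname(observed: str, protected: set) -> dict:
    """Classify an observed hostname (Unicode or xn-- form) against a set of
    protected brand hostnames, e.g. when triaging proxy or mail-gateway logs."""
    uni = to_unicode(observed) if "xn--" in observed else observed
    skel = skeleton(uni)
    return {
        "unicode": uni,
        "ascii": to_ascii(uni),
        "skeleton": skel,
        # Mixed script is what browser IDN display policies key on; a single-
        # script look-alike such as dotless ı in a Latin label slips past it.
        "mixed_script": len(scripts_in(uni)) > 1,
        "lookalike_of": skel if skel in protected and skel != uni else None,
    }


def single_substitution_variants(domain: str) -> list:
    """Every domain obtained by swapping one character of the registrable label
    for one confusable: the list a brand owner registers or blocklists."""
    label, _, tld = domain.partition(".")
    reverse = {}
    for fake, real in CONFUSABLES.items():
        reverse.setdefault(real, []).append(fake)
    return [f"{label[:i]}{fake}{label[i + 1:]}.{tld}"
            for i, ch in enumerate(label) for fake in reverse.get(ch, [])]


if __name__ == "__main__":
    brands = {"www.aslanbank.com", "www.apple.com"}
    for host in ("www.xn--slanbank-d9f.com", "www.app\u0131e.com", "www.aslanbank.com"):
        print(check_hostname(host, brands))
    for variant in single_substitution_variants("aslanbank.com"):
        print(variant, "->", to_ascii(variant))
```

With the full UTS #39 table in place of the constructed subset, the same skeleton comparison covers multi-character substitutions as well, which is where the "more than 100 possibilities" for aslanbank.com come from.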
5. Some IDN Generators:
https://www.irongeek.com/homoglyph-attack-generator.php
https://github.com/UndeadSec/EvilURL
https://github.com/phishai/idn_generator
6. References:
https://www.unicode.org/reports/tr36/idn-chars.html
https://www.punycoder.com/
Figure 3: https://www.casaba.com/products/UCAPI/
Figure 5: https://www.pcworld.com/article/3191539/security/phishing-attacks-using-internationalized-domains-are-hard-to-block.html
Figure 7: https://www.forensicmag.com/news/2018/02/virtual-case-notes-homograph-phishing-attacks-make-near-perfect-copies-popular-domain-names
