The recent decision by the Internet Corporation for Assigned Names and Numbers (Icann) to allow non-Latin characters in URL addresses is leading some experts to warn of a possible jump in phishing attacks.
Members of the Information Systems Audit and Control Association (ISACA) warned on Monday that the new characters could allow new phishing attacks as malware writers take advantage of the similarities between characters in different languages.
Peter Wood, a member of the ISACA conference committee, noted that alphabets such as Cyrillic contain characters that, when displayed in certain fonts, are extremely difficult to tell apart from Latin characters.
Wood, who is also the founder of security firm First Base Technologies, warned that malware writers could take advantage of the new domain rules to register addresses with new characters that resemble Latin letters.
"Just when we think we have got people aware about the dangers of phishing and not clicking on links in emails, it now becomes even more important," said Wood,
"Now more than ever people should type in the address of the web site they wish to visit in their browser or go directly to the IP address."
The comments come as Icann prepares to roll out a new set of rules on the registry and management of domains. The rules would allow the use of non-Latin characters and the addition of new top-level domains.
See also:
New tool lets firms centrally deploy the popular Outlook plug-in 02 Nov 2009
Spam emails play on interest in invitation-only service 03 Nov 2009
Security firm warns of imminent threat to sensitive information 30 Oct 2009
All Enterprise Security Technology Tags: Icann, Threats, Internet, Ecommerce, Security
del.icio.us
Digg this
reddit!
