Examples of Punycode in Phishing

Punycode can sometimes be identified by links starting xn--Punycode is a term used to describe the transformation of IDNA protocol into ASCII codes. Only a limited number of ASCII numbers and characters are utilized in Punycode encoding: 0-9, A-Z, and also the hyphen (-), therefore making the ASCII characters in any Unicode string to be represented like that. In the case of non-ASCII characters, they are expressed by ASCII characters which are permitted in the labels of any host domain name. Different prefixes are utilized by different encoding methods and also any translation into Punycode is purely determined by the web browser of the internet user.
 
It is possible to carry out a phishing attack with the use of the same method in punycode. Punycode in phishing is really a way a cyber criminal tricks computer users through the remote system they're interacting with, by taking advantage of the truth that a variety of characters look alike. For instance, an individual often visiting paypal.com might be attracted to follow the link [Сlickbank.com] (punycode: xn--lickbank-xjg.com/) in which the Latin C is changed using the Cyrillic С (which is actually the Russian sound for ‘s’. This type of punycode phishing is also called script spoofing. Unicode includes many writing systems, and for several reasons, characters which look alike, for example Latin O, Cyrillic О and Greek O, were not given exactly the same code. Their malicious or incorrect usage is really a possibility for security attacks.
 
Because punycode enables websites to make use of full names of Unicode characters, it is possible for users of IDNA to be exposed to phishing attacks. Through IDNA, it is possible to make a spoofed site that appears the same as another, including security certificate and domain name, but is in fact controlled by another person who is just trying to steal personal data.
 
Phishing attempts using punycode can look very real.Phishing is a technique to trick internet users into going to fraudulent websites. Phishing websites are made to appear like the normal pages of popular websites like PayPal and eBay. People are invited to click links through spam mails to users of MSN, AOL, Yahoo, Gmail, etc. The spam messages may look very authentic, showing corporate logos and formats like the ones employed by those popular websites in their messages to customers. Typically, they request for verification of certain information, for example passwords and account numbers. For the fact that the e-mails look very legitimate, as many as 20% of unsuspecting recipients may respond, leading to Identity theft, financial losses, and other fraudulent activities.
 
A lot of web browsers have been including a lot of security features in order to combat the problem of punycode in phishing. Google Chrome always displays punycode for components mixing letters from many languages. For instance, there's not really a single language that consists of all characters present in http://søñdërzeiech?domæînistsuþer.p , therefore this is shown as punycode. In the same way, http://Сlickbank.com (having a Cyrillic "С") will show as punycode, even when Russian and English have been in the recognized languages. This is the way it is done even when the domain is under the TLD whose registry is always protecting against phishing attacks.
 
To be able to address concerns of the usability of punycode, Opera web browser makes use of a white-list for registrars of domain names which have regulations against possible exploits. Therefore, a white-listed TLD displays the Unicode name, while untrusted domain names only display the punycode name with the use of the xn-- prefix. The same measures are being taken by other browsers like Firefox and Internet Explorer.
The Latest Browsers Include Alerts to Possible Punycode Spoofing Attempts
The most recent versions of browsers, including usually warn of the possible punycode in phishing. They do this by showing the website in the browser bar using punycode rather than Unicode characters. If you work with IDNs, it's smart to look at the address bar after loading a webpage to ascertain if the website's address really shows as punycode. If that's the case, it is very likely that you have been forwarded to a phishing site.
Read More

Private Proxies for Internet Marketers

While using Identity Cloaker is great for protecting your computer it is not so useful for hiding individual programs, for instance you may want to do research through Google but you find after so many searches you are getting blocked. This is because sites such as Google don't really want automated systems reading through their entire database, so if you do a lot of searches quickly Google decides you are not human and tries to put a stop to your activities.

If you use online marketing tools like Scrapebox, free Traffic Travis or SEnuke X you will soon find your online activities are being restricted by your one and only IP address being detected.

It is, of course, possible to harvest free proxies, in fact many of the above tools come with their own free proxies. However the time taken to keep these lists up to date, and the level of success you will have with them (remember the whole world has access to them) make free proxies pretty useless.

You would be well advised to consider using 10 or more private proxies, and picking ones that specifically allow the activities of scrapebox, Traffic Travis and SEnuke X. Many proxy companies do not allow you to use any of these tools with their services, however one well known company does. Squid Private Proxies was setup specifically by Internet Marketers to solve the problem of where to get reliable, fast private proxies for use with marketing tools.

Reliable Private Proxies for SEnuke and Scrapebox

You will always receive non-sequential IPs, from different subnets and from multiple datacenters around the USA and overseas. Not only that but each month you can request new IPs, so month to month you need never use the same IPs again. Prices for private proxies start at 75 cents each, though a more typical package of 25 proxies (more than enough for the average marketer) still comes in at under $50 per month.

Read More

What Is IP Spoofing And How Is A System Hijacked?

It should be no surprise to your that in the world of computer networking savvy computer technicians have the ability to mask their identity on the Internet with advanced techniques.  IP Spoofing, similar to caller ID blocking in telecommunications, refers to hackers disguising their IP address and network identification information to gain unauthorized access to other computers or networks.  When the targeted system is "spoofed" the system will display a message that a trusted source is trying to access their network.  Once the IP address is "spoofed" hackers can conduct criminal acts on your computer or network remotely. 

Internet Protocol spoofing initially became a problem in the 1980's.  While it was considered an accomplishment to crack an IP address and to conquer the protocol's weakness, it quickly became a problem and was a primary focus for security administrators thereafter.  In terms of spoofing, there are three different types of attacks:

Non-Blind Spoofing Attacks
When the attacker is actually on the same subnet as the system they are attacking this is considered a non-blind spoof.  This form of spoofing can cause session hijacking and can effectively allow the hijacker to bypass security to establish a connection using proxies and sequences. 

Blind Spoofing
Blind spoofing is a bit more advanced than non-blind methods.  Packets are sent to the machine the hijacker is targeting to get an idea of the sequence numbers in the network.  While sequencing is random, some hijackers can accurately predict sequences for access.  While some hijackers may not be able to gain a full connection, they can send data packets and viruses to the targeted machine.

Attackers are not concerned with completing full transactions on your network.  The primary focus of an IP spoofer is to consume bandwidth and resources.  By flooding the victim with packets of communication, traffic has effectively controlled your computer and a connection can be made. 

If you want to protect your computer or your network against IP spoofing it is important to take the proper precautions.  Proactive steps and security precautions are the only way to keep your IP address protected.  Ingress and egress filtering on your router is very important.  This will block private IPs and will not accept IP addresses with your sequence as the source.  Encryptions and authentication measures within your subnet are also important and can reduce attacks and vulnerability.  The truth of the matter is unless you are a spoofer yourself you are perhaps never fully protected.  Be aware of the security risks that exist and take proactive steps to protect your computer.
 

Read More

The Problems with Public Proxy Server

So you have found a nice free proxy server. Great! Well perhaps not!

There are many well known problems with free public proxy servers. Now it is true there are generally quite easy to find (especially if you know what you're looking) however the disadvantages can lead to an enormous waste of your time, and compromise your security and identity.

Free Public Proxy Server Are Almost Always Bad For SecurityThe biggest problem with public proxy servers they just are not reliable. Of course the principal reason for this is because so many people can use them, after all they are free proxy servers! With somebody people using them at the same time it's very easy for the server to get overloaded, thus leaving you with an extremely slow Internet connection. Even if you're lucky and managed to find a proxy server with very few users there is a strong chance that one of those few users is abusing it. Many Internet marketing packages include scrapers to find free proxy servers, packages such as scrapeboxand Xrumer need constant supply of proxies to operate. Just one extra user can easily swamp a single proxy. The fact that software packages such as Xrumer and scrapebox are using these proxies to spam the Internet means they are often blacklisted and can't be used for many websites.

Another major disadvantage of any public proxy server, and really the biggest disadvantage of all, is that they generally do not provide true anonymity at all. The reason for this is because so many public free proxy servers are actually run by hackers and spammers, or various other organisations determined to obtain your details. these people can see all the traffic that goes through their proxy server, and can therefore extract any information from that they require.

So if you have any concern for your online privacy you will not even consider using a free proxy server, and will instead subscribe to a paid service from a reputable company such as Identity Cloaker.

Read More

Import Books Cheaply for Expats

Something a bit different today, saving money on books! If you live in the USA or the UK then you can pretty much ignore this post as you will have access to the best discount books anyway.

However for the other 90%+ of the world population this could save you some serious money by taking advantage of price discrepancies between different countries.

For the sake of example I shall use one of my daughters favourite stories "The Terrible Plop" by Ursula Dubosarky, at the time of writing this book could be ordered online and delivered to a house in Australia for:

 

Borders.com.au $24.95
BookDepository.co.uk
$15.78
BookDepository.com $16.15

So instantly we have an almost $10 saving on the book, remember this includes postage!

BUT what if we visit those two Book Depository sites using a local IP address? Well then things get even cheaper!

BookDepository.co.uk with UK IP $12.07
BookDepository.com with US IP $12.71

Now our savings are OVER $10 from the original local book stores price, a total saving of over 50%! Oh and yes this price still INCLUDES DELIVERY!

Now of course you are going to need to get a UK and US IP address to take and while you could do this for free with an open proxy I implore you not to do this! Why? Well you are making a purchase here and you should never ever send your payment details via an open proxy, many such free proxies are purposely built just to harvest payment details from people who use them. To be secure you need to use a private proxy service such as our ever favourite Identity Cloaker, which gives you not only UK and US servers but multiple servers all around the world!

Do always remember to check both the UK and US sites, more often than not the US one is the cheaper of the two.

For those who of you who want to get this great book just click below, though remember to use a UK IP address from Identity Cloaker if you want it for the best possible price!

Discount Terrible Plop Book

Read More

Change Your IP = Save Money

All IPs are not treated the same, the geographic location of your IP address can dictate what you see on a Website, and subsequently what you pay for online good and services. Using Identity Cloaker software you can make it appear that you are located elsewhere in the world, and as such take advantage of local offer that normally you would be excluded from. Recently I purchased a round the world cruise, and saved myself over 13% by booking it through a UK IP address rather than an Australian one.

You see it works like this, visit www.pocruises.com and attempt to make a booking, unless you are in the UK you will be forwarded to the details of your countries booking agents. You can contact them and get prices, but you will find they are much higher in general than the advertised prices on the P&O Website.

How To Book A Cheap P&O Cruise Outside the UK

The Same Cruise Booked in Australia is 13% More Than Booked in the UKSo what is stopping you getting those prices? Quite simply P&O know you are outside the UK. To get those lovely UK prices there are a few steps you will need, this process is the same for almost all sites you might want to deal with be they in the USA, UK or just about anywhere else there is a proxy available for. Now in the case of P&O you will also need a UK telephone number and an address, in these days of e-tickets you would actually get away without the address to some extent but it's not hard to get one.

For a UK telephone number try voiptalk.org, or of course you could try getting a UK number from Skype.

For a UK address search Google.co.uk for "virtual office", and select somebody who does mail forwarding.

If you want to do this for a USA based company its much easier as there are many companies in the USA offering mailing addresses to the online world.

Now you probably need to clear your cookies as sites like P&O log your details the first time you visit, check Google for the free program CCleaner and run this to clear just about ever element of your online history.

Now fire up Identity Cloaker and select the country you need, in our case the UK, then visit the site. You will now find the online ordering system works fine, use your UK address and telephone number and hey presto you got your cruise.

Of course for cheap items this is hardly worth bothering with, but in this case we are talking about saving several thousand dollars. With regards to cruises some of the US companies will only sell to those with a US passport, and that's a little harder to get around!

Read More

Content Filtering: Australia

Since its foundation, Australia has been seen as a fairly liberal country, with an easy-going attitude towards just about everything. However, this is all about to change under the current administration, who are trying to push forward the Clean Feed internet filter for Australian internet users.

Australian Internet Filter stops you from saying **** *** ****!Private internet filters have been around for the last decade or so, but Clean Feed, if passed by law, would be the first national filter in the world.

We will look at the details of Clean Feed and examine its pros and cons and the potential fall out.

The proposal is a blanket censorship of thousands of websites deemed inappropriate by the Clean Feed body. This would replace the current practise of allowing each household to set their own censorship levels appropriate to the ages of internet users in their house. The kinds of sites being discussed include obviously sensitive material like pornography and drugs, but webpages discussing euthanasia, “inappropriate” political parties and over 18 rated games have also been discussed as being “RC” (refused classification). The idea is still being kicked around the Australian government, but current behind-the-scenes opinion indicates that the legislation is unlikely to get to a vote before the next general election.

The pros of this system are fairly obvious at first viewing. It aims to cut down on the amount of illegal material that is being seen and downloaded in Australia. By restricting offensive websites, younger internet users can be protected from entering sites that they didn’t mean to enter, or shouldn’t be looking at. The blanket ban on these websites removes the responsibility from internet providers and families for installing their own filters. These filters are increasingly easy to get around, and at a basic level can be simply uninstalled by a determined competent computer user, whilst a filter imposed by the internet provider and backed up by the government will be much tougher.

The Australian Labor Party minister who is campaigning for Clean Feed, Stephen Conroy, says that the filter will be carefully monitored, and regular meetings will be set up to discuss the status of controversial pages.

Australian Internet Filter - Clean FeedThe cons of the Clean Feed filter are also fairly obvious. Campaigners against the programme call it “a kick in the teeth for civil liberties” and the filter has been likened to the 1984 Big Brother society, where the state controls what each individual is able to access. The general consensus amongst anti-Clean Feed protesters is that it should remain the responsibility of each family and each person to monitor their own internet usage, using their own moral compass for guidance as to what they should and shouldn’t be accessing. By allowing a higher organisation to dictate these classified sites, the general public are submitting to the moral standards of a select few non-elected individuals. The argument runs that these people are in no better and no worse position to choose what the nation should be able to access than anyone else in the country.

Another problem is where the line is drawn. In today’s increasingly sensitive society, where political correctness can cause situations to spiral way out of context, it seems unfair for the elected party to decide what counts as racism, or other inappropriate context.

Lastly, and possibly most damagingly, studies are being conducted into whether such a filter would actually provide any sort of protection. Claims that it would help tackle the rise in paedophiles using the internet as a tool for grooming have been rubbished, saying that most illegal communication happens privately, through social network sites and emails. Taking control of these would amount to a gross breach of civil liberties, and would constitute a criminal act by the government.

The potential fall out of a decision in favour of Clean Feed could be quite dramatic. Recent opinion polls have agreed with the notion of internet filters and making the web a safer places, but when asked if the government should be in charge of their internet usage, a large proportion of the interviewees said no. By pushing this legislation through, Stephen Conroy has the potential to kick up a hornet’s nest of angry Australians, which may cause the whole operation to backfire spectacularly.

 

As ever should Clean Feed ever get the go ahead our old favourite Identity Cloaker will be useful to break through the barrier and deliver a completely unfiltered Internet experience.

Read More