Examples of Punycode in Phishing

Punycode can sometimes be identified by links starting xn--Punycode is a term used to describe the transformation of IDNA protocol into ASCII codes. Only a limited number of ASCII numbers and characters are utilized in Punycode encoding: 0-9, A-Z, and also the hyphen (-), therefore making the ASCII characters in any Unicode string to be represented like that. In the case of non-ASCII characters, they are expressed by ASCII characters which are permitted in the labels of any host domain name. Different prefixes are utilized by different encoding methods and also any translation into Punycode is purely determined by the web browser of the internet user.
 
It is possible to carry out a phishing attack with the use of the same method in punycode. Punycode in phishing is really a way a cyber criminal tricks computer users through the remote system they're interacting with, by taking advantage of the truth that a variety of characters look alike. For instance, an individual often visiting paypal.com might be attracted to follow the link [Сlickbank.com] (punycode: xn--lickbank-xjg.com/) in which the Latin C is changed using the Cyrillic С (which is actually the Russian sound for ‘s’. This type of punycode phishing is also called script spoofing. Unicode includes many writing systems, and for several reasons, characters which look alike, for example Latin O, Cyrillic О and Greek O, were not given exactly the same code. Their malicious or incorrect usage is really a possibility for security attacks.
 
Because punycode enables websites to make use of full names of Unicode characters, it is possible for users of IDNA to be exposed to phishing attacks. Through IDNA, it is possible to make a spoofed site that appears the same as another, including security certificate and domain name, but is in fact controlled by another person who is just trying to steal personal data.
 
Phishing attempts using punycode can look very real.Phishing is a technique to trick internet users into going to fraudulent websites. Phishing websites are made to appear like the normal pages of popular websites like PayPal and eBay. People are invited to click links through spam mails to users of MSN, AOL, Yahoo, Gmail, etc. The spam messages may look very authentic, showing corporate logos and formats like the ones employed by those popular websites in their messages to customers. Typically, they request for verification of certain information, for example passwords and account numbers. For the fact that the e-mails look very legitimate, as many as 20% of unsuspecting recipients may respond, leading to Identity theft, financial losses, and other fraudulent activities.
 
A lot of web browsers have been including a lot of security features in order to combat the problem of punycode in phishing. Google Chrome always displays punycode for components mixing letters from many languages. For instance, there's not really a single language that consists of all characters present in http://søñdërzeiech?domæînistsuþer.p , therefore this is shown as punycode. In the same way, http://Сlickbank.com (having a Cyrillic "С") will show as punycode, even when Russian and English have been in the recognized languages. This is the way it is done even when the domain is under the TLD whose registry is always protecting against phishing attacks.
 
To be able to address concerns of the usability of punycode, Opera web browser makes use of a white-list for registrars of domain names which have regulations against possible exploits. Therefore, a white-listed TLD displays the Unicode name, while untrusted domain names only display the punycode name with the use of the xn-- prefix. The same measures are being taken by other browsers like Firefox and Internet Explorer.
The Latest Browsers Include Alerts to Possible Punycode Spoofing Attempts
The most recent versions of browsers, including usually warn of the possible punycode in phishing. They do this by showing the website in the browser bar using punycode rather than Unicode characters. If you work with IDNs, it's smart to look at the address bar after loading a webpage to ascertain if the website's address really shows as punycode. If that's the case, it is very likely that you have been forwarded to a phishing site.
Read More

Private Proxies for Internet Marketers

While using Identity Cloaker is great for protecting your computer it is not so useful for hiding individual programs, for instance you may want to do research through Google but you find after so many searches you are getting blocked. This is because sites such as Google don't really want automated systems reading through their entire database, so if you do a lot of searches quickly Google decides you are not human and tries to put a stop to your activities.

If you use online marketing tools like Scrapebox, free Traffic Travis or SEnuke X you will soon find your online activities are being restricted by your one and only IP address being detected.

It is, of course, possible to harvest free proxies, in fact many of the above tools come with their own free proxies. However the time taken to keep these lists up to date, and the level of success you will have with them (remember the whole world has access to them) make free proxies pretty useless.

You would be well advised to consider using 10 or more private proxies, and picking ones that specifically allow the activities of scrapebox, Traffic Travis and SEnuke X. Many proxy companies do not allow you to use any of these tools with their services, however one well known company does. Squid Private Proxies was setup specifically by Internet Marketers to solve the problem of where to get reliable, fast private proxies for use with marketing tools.

Reliable Private Proxies for SEnuke and Scrapebox

You will always receive non-sequential IPs, from different subnets and from multiple datacenters around the USA and overseas. Not only that but each month you can request new IPs, so month to month you need never use the same IPs again. Prices for private proxies start at 75 cents each, though a more typical package of 25 proxies (more than enough for the average marketer) still comes in at under $50 per month.

Read More

What Is IP Spoofing And How Is A System Hijacked?

It should be no surprise to your that in the world of computer networking savvy computer technicians have the ability to mask their identity on the Internet with advanced techniques.  IP Spoofing, similar to caller ID blocking in telecommunications, refers to hackers disguising their IP address and network identification information to gain unauthorized access to other computers or networks.  When the targeted system is "spoofed" the system will display a message that a trusted source is trying to access their network.  Once the IP address is "spoofed" hackers can conduct criminal acts on your computer or network remotely. 

Internet Protocol spoofing initially became a problem in the 1980's.  While it was considered an accomplishment to crack an IP address and to conquer the protocol's weakness, it quickly became a problem and was a primary focus for security administrators thereafter.  In terms of spoofing, there are three different types of attacks:

Non-Blind Spoofing Attacks
When the attacker is actually on the same subnet as the system they are attacking this is considered a non-blind spoof.  This form of spoofing can cause session hijacking and can effectively allow the hijacker to bypass security to establish a connection using proxies and sequences. 

Blind Spoofing
Blind spoofing is a bit more advanced than non-blind methods.  Packets are sent to the machine the hijacker is targeting to get an idea of the sequence numbers in the network.  While sequencing is random, some hijackers can accurately predict sequences for access.  While some hijackers may not be able to gain a full connection, they can send data packets and viruses to the targeted machine.

Attackers are not concerned with completing full transactions on your network.  The primary focus of an IP spoofer is to consume bandwidth and resources.  By flooding the victim with packets of communication, traffic has effectively controlled your computer and a connection can be made. 

If you want to protect your computer or your network against IP spoofing it is important to take the proper precautions.  Proactive steps and security precautions are the only way to keep your IP address protected.  Ingress and egress filtering on your router is very important.  This will block private IPs and will not accept IP addresses with your sequence as the source.  Encryptions and authentication measures within your subnet are also important and can reduce attacks and vulnerability.  The truth of the matter is unless you are a spoofer yourself you are perhaps never fully protected.  Be aware of the security risks that exist and take proactive steps to protect your computer.
 

Read More

The Problems with Public Proxy Server

So you have found a nice free proxy server. Great! Well perhaps not!

There are many well known problems with free public proxy servers. Now it is true there are generally quite easy to find (especially if you know what you're looking) however the disadvantages can lead to an enormous waste of your time, and compromise your security and identity.

Free Public Proxy Server Are Almost Always Bad For SecurityThe biggest problem with public proxy servers they just are not reliable. Of course the principal reason for this is because so many people can use them, after all they are free proxy servers! With somebody people using them at the same time it's very easy for the server to get overloaded, thus leaving you with an extremely slow Internet connection. Even if you're lucky and managed to find a proxy server with very few users there is a strong chance that one of those few users is abusing it. Many Internet marketing packages include scrapers to find free proxy servers, packages such as scrapeboxand Xrumer need constant supply of proxies to operate. Just one extra user can easily swamp a single proxy. The fact that software packages such as Xrumer and scrapebox are using these proxies to spam the Internet means they are often blacklisted and can't be used for many websites.

Another major disadvantage of any public proxy server, and really the biggest disadvantage of all, is that they generally do not provide true anonymity at all. The reason for this is because so many public free proxy servers are actually run by hackers and spammers, or various other organisations determined to obtain your details. these people can see all the traffic that goes through their proxy server, and can therefore extract any information from that they require.

So if you have any concern for your online privacy you will not even consider using a free proxy server, and will instead subscribe to a paid service from a reputable company such as Identity Cloaker.

Read More

Import Books Cheaply for Expats

Something a bit different today, saving money on books! If you live in the USA or the UK then you can pretty much ignore this post as you will have access to the best discount books anyway.

However for the other 90%+ of the world population this could save you some serious money by taking advantage of price discrepancies between different countries.

For the sake of example I shall use one of my daughters favourite stories "The Terrible Plop" by Ursula Dubosarky, at the time of writing this book could be ordered online and delivered to a house in Australia for:

 

Borders.com.au $24.95
BookDepository.co.uk
$15.78
BookDepository.com $16.15

So instantly we have an almost $10 saving on the book, remember this includes postage!

BUT what if we visit those two Book Depository sites using a local IP address? Well then things get even cheaper!

BookDepository.co.uk with UK IP $12.07
BookDepository.com with US IP $12.71

Now our savings are OVER $10 from the original local book stores price, a total saving of over 50%! Oh and yes this price still INCLUDES DELIVERY!

Now of course you are going to need to get a UK and US IP address to take and while you could do this for free with an open proxy I implore you not to do this! Why? Well you are making a purchase here and you should never ever send your payment details via an open proxy, many such free proxies are purposely built just to harvest payment details from people who use them. To be secure you need to use a private proxy service such as our ever favourite Identity Cloaker, which gives you not only UK and US servers but multiple servers all around the world!

Do always remember to check both the UK and US sites, more often than not the US one is the cheaper of the two.

For those who of you who want to get this great book just click below, though remember to use a UK IP address from Identity Cloaker if you want it for the best possible price!

Discount Terrible Plop Book

Read More