Examples of Punycode in Phishing

Punycode can sometimes be identified by links starting xn--Punycode is a term used to describe the transformation of IDNA protocol into ASCII codes. Only a limited number of ASCII numbers and characters are utilized in Punycode encoding: 0-9, A-Z, and also the hyphen (-), therefore making the ASCII characters in any Unicode string to be represented like that. In the case of non-ASCII characters, they are expressed by ASCII characters which are permitted in the labels of any host domain name. Different prefixes are utilized by different encoding methods and also any translation into Punycode is purely determined by the web browser of the internet user.
 
It is possible to carry out a phishing attack with the use of the same method in punycode. Punycode in phishing is really a way a cyber criminal tricks computer users through the remote system they're interacting with, by taking advantage of the truth that a variety of characters look alike. For instance, an individual often visiting paypal.com might be attracted to follow the link [Сlickbank.com] (punycode: xn--lickbank-xjg.com/) in which the Latin C is changed using the Cyrillic С (which is actually the Russian sound for ‘s’. This type of punycode phishing is also called script spoofing. Unicode includes many writing systems, and for several reasons, characters which look alike, for example Latin O, Cyrillic О and Greek O, were not given exactly the same code. Their malicious or incorrect usage is really a possibility for security attacks.
 
Because punycode enables websites to make use of full names of Unicode characters, it is possible for users of IDNA to be exposed to phishing attacks. Through IDNA, it is possible to make a spoofed site that appears the same as another, including security certificate and domain name, but is in fact controlled by another person who is just trying to steal personal data.
 
Phishing attempts using punycode can look very real.Phishing is a technique to trick internet users into going to fraudulent websites. Phishing websites are made to appear like the normal pages of popular websites like PayPal and eBay. People are invited to click links through spam mails to users of MSN, AOL, Yahoo, Gmail, etc. The spam messages may look very authentic, showing corporate logos and formats like the ones employed by those popular websites in their messages to customers. Typically, they request for verification of certain information, for example passwords and account numbers. For the fact that the e-mails look very legitimate, as many as 20% of unsuspecting recipients may respond, leading to Identity theft, financial losses, and other fraudulent activities.
 
A lot of web browsers have been including a lot of security features in order to combat the problem of punycode in phishing. Google Chrome always displays punycode for components mixing letters from many languages. For instance, there's not really a single language that consists of all characters present in http://søñdërzeiech?domæînistsuþer.p , therefore this is shown as punycode. In the same way, http://Сlickbank.com (having a Cyrillic "С") will show as punycode, even when Russian and English have been in the recognized languages. This is the way it is done even when the domain is under the TLD whose registry is always protecting against phishing attacks.
 
To be able to address concerns of the usability of punycode, Opera web browser makes use of a white-list for registrars of domain names which have regulations against possible exploits. Therefore, a white-listed TLD displays the Unicode name, while untrusted domain names only display the punycode name with the use of the xn-- prefix. The same measures are being taken by other browsers like Firefox and Internet Explorer.
The Latest Browsers Include Alerts to Possible Punycode Spoofing Attempts
The most recent versions of browsers, including usually warn of the possible punycode in phishing. They do this by showing the website in the browser bar using punycode rather than Unicode characters. If you work with IDNs, it's smart to look at the address bar after loading a webpage to ascertain if the website's address really shows as punycode. If that's the case, it is very likely that you have been forwarded to a phishing site.
Read More

The Fake Review Site Scam

Dont always believe online reviewsThe internet has opened a whole new avenue for marketing of products. E-business volumes have gone up significantly and with the proliferation of the internet these will increase many times over in the future. The internet apart from creating a marketing opportunity has enabled a lot of creative means to market products.

Initially it was just plain vanilla marketing, and then came in the online procurement and payment systems. Along with this came the process of evaluation of the products. Forums were created to discuss the products etc. If done with a good intent this would have been excellent way of letting the consumer make a right decision based on the actual inputs and feedback from other consumers. Unfortunately, the internet has huge disadvantage of being anonymous and as a result this facility can be misused in wither promoting a product or vice versa.

In many cases, it could be that there is a cabal formed by affiliates who can post very positive reviews about a product which can lead a potential customer to believe about the product based on the feedback only to understand later when they actually receives the product.

Can this be curbed? Not really.

However there can be other checks and balances that a potential consumer can put to use. Post queries in forums that are not managed by the site that you are referring to. Check the trend of the responses. If you find all positives with very little negative inputs then you need to find out be extra careful and cautious so as to make additional checks. Also try to find patterns in the language, the date of the posting and such other pointers as these could sometime give away these aspects quite blatantly.

Additionally, try finding out feedback from other websites which may sell a competing product as there could be a reference available about the product that you are looking for. Use other set of data pointers like whether the company is a listed and reputed brand, its existence, your ability to check out the product at a local store, the place from where the company is conducting its business, the mode of payment etc.

One must not be carried away by the fact that this is internet marketing. After all it is human and therefore there has to be caution exercised.

Another aspect to be borne in mind is the information available on the internet has not reached a point where it can be easily used in a court of law for mis-representation as the marketers could always claim that they were not aware of the person who posted that information. It will take time for cyber laws to evolve, and it is doing so slowly.

If you cannot make a decision, then you may choose not to buy it. It is better to buy a known product for a few dollars more than buying something worthless and repenting. It is better to be safe than sorry. In summary, whatever the checks and balances, the maxim – Caveat Emptor – Let the Buyer Beware prevails and products sold on the internet are no exception.

Happy online shopping!!
Read More

Protecting Your Online Privacy By Using Encrypted Connections though Proxy Servers

Too many people take it for granted that what they do online is private and protected, but the truth is that most people have data that is vulnerable, all too ready for sophisticated people to capture.

Even people who work on private networks are at risk, but for those using public networks the risk is even greater. Keeping data secure is crucial for anyone who wants to avoid the damaging loss of personal or critical business information.

The simple act of hitting “Reply” on an email is task fraught with risk.

There are many safe guards that can be put in place, but one of the most secure ways to protect your online privacy is by using encrypted connections when working through a private proxy server.

Encryption, in terms of moving information, is the process by which data is put through a complex algorithm which makes it unreadable to anyone who does not have the key to decrypt it. Encryption can be used to protect data on computers and storage devices and is the first round of defense for those wanting to keep their personal data private when working online.

Another weapon in the arsenal of those wanting to protect their online privacy is the use of a private proxy server. A proxy server is a computer or application that serves as go-between for information requests between servers. Requests can be for information such as a web page, a file download, or other services and these are made through a proxy server rather than connecting directly to the server that houses the actual data.

The proxy server has two primary purposes, one is to maintain anonymity of the computer behind it for security reasons and the other reason is to speed access to a data resource.

There are numerous types of proxy servers including a caching proxy, a reverse proxy, a tunneling proxy, and a content filer proxy server. All of these different type servers provide different functions and features.

Many public proxy servers will accept unencrypted information and this can create a security risk because the data could be collected and thus make it vulnerable. It is important that those who use proxy servers know the integrity of the proxy servers they connect to, which is why the use of a private proxies with a good reputation is advised.

In some cases, malicious proxy servers have been intentionally set-up to record all unencrypted data and this data can later be harvested and used by those that have captured it. The key to protecting your personal data is encryption and this applies whether you are on a private or public network and specifically when accessing data through a proxy server. Using an encrypted connection can provide a great line of defense against internet hackers who employ packet sniffers and other sophisticated means of capturing private data.

Read More

Social Networking Dangers and Rules

Web Security is all about educating yourself about online hazards. Education is the answer to computer security and protecting youngsters on the web. All parents need to educate themselves about Internet security, cyberbullying, and social networking dangers. These all represent threats which did not exist just a few years ago, certainly your old Dr Spock books are going to be no use here!

Social networking is growing at an amazing rate, with children of all ages and online predators and cyberbullies using these sites more and more. Parents should understand the guidelines for protecting children each site has, and if you do not believe the rules are strong enough don’t let your child join the site. There are some basic ground rules for social networking sites including MySpace, Facebook, etc for kid safety.

  • First, don’t let your child to use their real name, make a new nickname just for the online world.
  • Second , make sure your child understands not to post your home address, home telephone number, or cell phone number.
  • Third, make a time-frame for when you child can be online .
  • Fourth, all photographs should be reviewed before being posted online .

You should understand that everything your child does on the internet is recorded there forever, once something is uploaded there is generally no delete button. As soon as a site is indexed by a search engine copies are made, so even if you delete the original you will still find thousands of copies all around the net.

Parents should know the way to work the social networking sites which includes making comments on pages, the wall, email, and posting photographs. If possible you should create an account on the social networking site to join in with your children. You can insist to your child that they will not have an account unless they make you a friend so that you can observe their wall, evaluate their friend list and assess the photos getting posted on the web. This simple act will help you forestall online predators from contacting your youngster. I understand most chiildren are not going to like this, but being upfront about everything is far better than being sneaky and being found out.

Cyberbullies bring into play a selection of technology to make threats, trouble, or make the Internet uncomfortable for children. Victims are often kids and the cyberbully generally goes to the same school as your child . Cyberbullies send e-mails, IM or messages to the victim’s cell or computer. This is starting to become even more popular on social networking sites. Parents need to chat to their kids to see if this is happening to them.

Web safety for children is all about parents being educated about web security. Parents need to take a pro-active role in educating themselves about how social networking site work and what is cyberbullying. The more you educate yourself about the internet and talk to your kids the safer they are going to be.

Read More

What Is Your IP Address Telling Everybody?

Back in the early days of the Internet, which of course in the grand scheme of things was very recent, you can be sure that your personal online security was not something that was even remotely considered. As such we are now in the situation where it is incredibly easy to steal information from people online, in fact half the time people are just giving it away for free!
 
Every computer on the Internet is given its own unique number, its IP address, which allows it to be located amongst the millions of connected devices. What does this IP address reveal about you? How is it used?
 
Different sites will use your IP address in different ways; it can be used to ensure you see information relevant to your location, or for restricting your access to certain sites, such as gambling sites from US customers or the BBC iPlayer service from those outside the UK. Such activities, though often annoying, are not actually going to harm you. Your IP address can however be used for much more sinister activities.
 
Finding out simple things like what browser and applications you are using or what operating system you have installed can be done by anybody. Those in the know though will be able to do much more, they will be able to locate your country, city, street even exact house number.
 
However most criminals are not that interested in your physical location, not when they can do so much more remotely! Through knowing your IP address they can directly connect to your computer, harness any one of thousands of backdoors and security loopholes with the applications you have installed and steal information directly from you. Things like your bank logins, credit card details even simple things like your Facebook logins can be used by criminals for any purpose they see fit.
 
So while traditionally people have been happy to install ‘anti-virus’ packages it is only recently that they have considered installing software to hide their identity online. Those who use the Internet for any form of banking or sensitive applications would be foolish not to invest in such a service. Packages like Identity Cloaker are the best you can get for protecting your IP address online, as not only do they hide you IP but they encrypt your data too.
 
You lock your windows, you lock your front door, so don’t leave your computer open.

 

 

Read More

Online Security

The online world is one of two faces, the side where we find what we need, book holidays, save time with online services and generally enjoy ourselves. Then there is the darker side, where individuals and organisations are trying to infiltrate our lives without permission, steal our identities, money and generally destroy everything we worked hard for! So yes while we can say the Internet has given us many things, we must not discount the threats it has produced.

Being safe online these days is much harder than even 12 months ago, the methods deployed by criminals become more taxing and skilful by the day. The speed at which these new hacking techniques are being deployed far outstrips the speed at which patches are released for the software we are all using. Even the most respected browsers from Microsoft and Firefox fall foul to many a threat, despite their respective parent companies spending millions of dollars on development. It is therefore even more vital these days to be proactive in your attempts to thwart online criminals, relying on your free antivirus software alone is only going to lead to disaster these days!

Perhaps the most common, and most dangerous, system infiltrations involve key loggers and hidden P2P applications. A system compromised in this way will be working as a server, distributing pirate software or pornography to other users around the world. This takes place without your knowledge, and often with your anti-virus software still running! This is because the program has altered the way your Virus package works, so it reports it is working but really it is not. At the same time key loggers on your computer will record every thing you type, every login, every email, all your bank details will be recorded and sent back to the criminals.

Always ensure you are running with a software firewall on your computer, and preferably a hardware firewall on your modem or router too. These of course must both be setup correctly, if they are configured to allow all traffic then they are effectively not there!

Further you should ensure you are running a complete Anti-Malware package, this will cover virus, phishing, adware, key-loggers and Trojans at the same time, the better packages will include full firewall capabilities in the same package. Ensure you computer is fully patched, which these days requires you to be running with licensed software. Never use pirate copies of operating systems or Anti-Virus products, it may sound like obvious advice but it is amazing how many people trust their online security to the very people who do most of the hacking in the first place!

Finally install IP changing software with encryption technology so as to hide yourself online, as if they can’t find you they can’t attack you!


Kaspersky Lab eStore

 

Read More