Potential IRI based Phishing Strategy


Unformatted text preview:

A Potential IRI based Phishing Strategy Yingjie Fu Xiaotie Deng Liu Wenyin Dept of Computer Science City University of Hong Kong 83 Tat Chee Ave Hong Kong SAR China anthony cs csdeng csliuwy cityu edu hk Abstract We anticipate a potential phishing strategy by obfuscation of Web links using Internationalized Resource Identifier IRI In the IRI scheme the glyphs of many characters look very similar while their Unicodes are different Hence certain different IRIs may show high similarity The potential phishing attacks based on this strategy are very likely to happen in the near future with the boosting utilization of IRI We report this potential phishing strategy to provoke much further dissections of related counter measures Keywords Internet Identifier IRI security Anti phishing Internationalized Resource 1 Introduction Phishing webpages are webpages forged to mimic the webpages of certain real companies offering Internet transactions in order to spoof end users to leak their private information It is a popular way for phishers to use visually and semantically similar URIs and similar webpages to spoof people Unwary Internet users who are induced to access phishing webpages could be deceived to expose their bank accounts passwords credit card numbers or other important information to the phishers In this paper we report a potential phishing attack that depends on the utilization and popularization of Internationalized Resource Identifier IRI 2 as could be a quite severe problem We also anticipate provoking a series of related further dissections on the potential flaw of IRI on the anti phishing aspect 2 IRI based Phishing Strategy Rapid evolution of the Internet requires advanced security developments to make it safe It is not an over claim if we say it is unimaginable if the Internet is not available However the Internet is still not mature and its development is an endless process In the very beginning people use IP address directly to access a webpage or other

Loading Unlocking...

Join to view Potential IRI based Phishing Strategy and access 3M+ class-specific study document.

We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view Potential IRI based Phishing Strategy and access 3M+ class-specific study document.


By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?