Cybercriminals Targeting International Domain Names?

Domain names, the URLs you type into a browser to visit a particular website, are getting a new look as we move into 2010. What is good news for the international community, though, may bring a concomitant increase in the opportunity for criminals to profit from cybercrime.

Although non-Roman characters were previously allowed in the first part of the two-part domain name, the suffix, or “top-level,” domain was confined to the Roman alphabet (ex. “.com”). As of November 2009, countries could apply for IDN ccTLDs—Internationalized Domain Name country code Top-Level Domains—containing characters in their native script. This move is significant because it means that an entire domain name can be written in non-Roman script. There is hope that such a move will usher in new internet users, and ease a less tech-savvy generation into a new level of comfort when surfing online.

However, the publicity surrounding the announcement resurrects old issues addressed by ICANN (Internet Corporation for Assigned Names and Numbers) in 2005. With the new domain names, cybercriminals can engage in homograph domain name spoofing, which preys upon the similar look of certain characters to trick people into visiting fake websites. A recent article from the London Times, addressing characters and symbols in second-level domains, underscores the persistence of the threat:

“The problem for Western users is that the internet addresses of many well-known companies, such as Apple, Yahoo, Google and PayPal, can also be rendered to look identical in Cyrillic scripts, such as Russian.

To a Roman-reading eye, an e-mail containing a link to any one of these sites might appear genuine, while to a Russian-reading eye, ‘paypal’, for example, reads as ‘raural’. An e-mail link could thus lead to a clone site constructed by unscrupulous thieves, who could then use it to harvest personal and financial details, or to steal cash.”

As cybercrime gets more and more sophisticated, one has to be ever alert in keeping up with the latest threats and trends. Time will tell how the above-detailed scenario plays out, but remember to keep your browsers updated and make sure you have adequate antivirus protection in order to protect yourself from cybercriminals.


London Times, Domain name extension ‘could boost cyber-crime’ http://technology.timesonline.co.uk/tol/news/tech_and_web/article6971724.ece

Yahoo! Tech, Non-Roman alphabet domain names hit the web, http://tech.yahoo.com/blogs/null/154811?comment_start=6&comment_count=20

ICANN, ICANN Statement on IDN Homograph Attacks and Request for Public Comment, http://www.icann.org/en/announcements/announcement-23feb05.htm

ars technica, ICANN begins testing URLs with non-Roman characters, http://arstechnica.com/old/content/2007/10/icann-begins-testing-urls-with-non-roman-characters.ars

This entry was posted in Online Fraud and tagged , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>