[{"data":1,"prerenderedAt":192},["ShallowReactive",2],{"blog:2005:phishingwithidns":3,"blogMore-Technology":178,"comments-phishingwithidns":191},{"_path":4,"_dir":5,"_draft":6,"_partial":6,"_locale":7,"title":8,"description":9,"date":10,"category":11,"tags":12,"excerpt":15,"body":61,"_type":168,"_id":169,"_source":170,"_file":171,"_stem":172,"_extension":173,"url":174,"wordCount":175,"minutes":176,"commentCount":177},"/blog/2005/phishingwithidns","2005",false,"en","Phishing with IDNs","Currently “hot news” is the fact that Firefox, Mozilla and Safari browsers have been demonstrated as susceptible to a new form of phishing attack.","2005-02-09T10:45:00+00:00","Technology",[13,14],"Firefox","security",{"type":16,"children":17},"root",[18,34],{"type":19,"tag":20,"props":21,"children":22},"element","p",{},[23,26,28,30,32],{"type":24,"value":25},"text","Currently “hot news” is the fact that Firefox, Mozilla and Safari browsers have been ",{"type":24,"value":27},"demonstrated",{"type":24,"value":29}," as susceptible to a new form of ",{"type":24,"value":31},"phishing",{"type":24,"value":33}," attack.",{"type":19,"tag":20,"props":35,"children":36},{},[37,39,41,43,49,51,55,57,59],{"type":24,"value":38},"Basically all these browsers support ",{"type":24,"value":40},"International Domain Names (IDN)",{"type":24,"value":42}," that let you use the full Unicode set of foreign characters and symbols, and some of these foreign characters while technically different from the Latin ones look identical. In the case demonstrated they have used the Arabic ",{"type":19,"tag":44,"props":45,"children":46},"strong",{},[47],{"type":24,"value":48},"a",{"type":24,"value":50}," to replace a Latin ",{"type":19,"tag":44,"props":52,"children":53},{},[54],{"type":24,"value":48},{"type":24,"value":56}," in “PayPal” to get another site. This isn’t really anything new, even the original RFC commented on how this would be a problem and the IETF ",{"type":24,"value":58},"issued guidelines",{"type":24,"value":60}," that would have limited their scope if only Verisign actually implemented them. (Specifically the guideline for preventing mixing of languages within a domain name would reduce the scope for attack considerably).",{"type":16,"children":62,"toc":164},[63,82,110,124,138,155],{"type":19,"tag":20,"props":64,"children":65},{},[66,67,74,75,81],{"type":24,"value":25},{"type":19,"tag":48,"props":68,"children":72},{"href":69,"rel":70},"https://www.shmoo.com/idn/",[71],"nofollow",[73],{"type":24,"value":27},{"type":24,"value":29},{"type":19,"tag":48,"props":76,"children":79},{"href":77,"rel":78},"https://en.wikipedia.org/wiki/Phishing",[71],[80],{"type":24,"value":31},{"type":24,"value":33},{"type":19,"tag":20,"props":83,"children":84},{},[85,86,92,93,97,98,102,103,109],{"type":24,"value":38},{"type":19,"tag":48,"props":87,"children":90},{"href":88,"rel":89},"https://en.wikipedia.org/wiki/Internationalized_domain_names",[71],[91],{"type":24,"value":40},{"type":24,"value":42},{"type":19,"tag":44,"props":94,"children":95},{},[96],{"type":24,"value":48},{"type":24,"value":50},{"type":19,"tag":44,"props":99,"children":100},{},[101],{"type":24,"value":48},{"type":24,"value":56},{"type":19,"tag":48,"props":104,"children":107},{"href":105,"rel":106},"https://www.icann.org/general/idn-guidelines-20jun03.htm",[71],[108],{"type":24,"value":58},{"type":24,"value":60},{"type":19,"tag":20,"props":111,"children":112},{},[113,115,122],{"type":24,"value":114},"One thing that is amusing is the Internet Explorer fans reaction that their browser isn’t susceptible. This is true but only because Microsoft ",{"type":19,"tag":48,"props":116,"children":119},{"href":117,"rel":118},"https://support.microsoft.com/Default.aspx?kbid=842848",[71],[120],{"type":24,"value":121},"hasn’t added IDN support",{"type":24,"value":123}," to IE, instead recommending you install a third-party plug-in to do it.",{"type":19,"tag":20,"props":125,"children":126},{},[127,129,136],{"type":24,"value":128},"Head over to ",{"type":19,"tag":48,"props":130,"children":133},{"href":131,"rel":132},"https://www.idnnow.com/index.jsp",[71],[134],{"type":24,"value":135},"Verisign, install the plug-in",{"type":24,"value":137},", and you too can have exactly the same “exploit”.",{"type":19,"tag":139,"props":140,"children":141},"blockquote",{},[142],{"type":19,"tag":20,"props":143,"children":144},{},[145,147,153],{"type":24,"value":146},"Some 12 hours later it appears the rest of the world twigs and Secunia ",{"type":19,"tag":48,"props":148,"children":150},{"href":149},"https://secunia.com/advisories/14209/",[151],{"type":24,"value":152},"issues this advisory",{"type":24,"value":154},".",{"type":19,"tag":20,"props":156,"children":157},{},[158],{"type":19,"tag":159,"props":160,"children":161},"em",{},[162],{"type":24,"value":163},"[)amien",{"title":165,"searchDepth":166,"depth":166,"links":167},"",2,[],"markdown","content:blog:2005:phishingwithidns.md","content","blog/2005/phishingwithidns.md","blog/2005/phishingwithidns","md","/blog/2005/phishingwithidns/",210,1,0,[179,183,187],{"title":180,"date":181,"url":182},"VTX5000: Part 4 - Communications ","2026-05-06T10:19:24.727Z","/blog/2026/vtx5000-part-4-comms-routines/",{"title":184,"date":185,"url":186},"VTX5000: Part 3 - Software ROM","2026-04-15T23:00:00.000Z","/blog/2026/vtx5000-part-3-software-rom/",{"title":188,"date":189,"url":190},"VTX5000: Part 2 - Hardware","2026-03-30T23:00:00.000Z","/blog/2026/prism-vtx5000-part-2/",[],1779264579198]