The stream of spam, scams and phishing attempts increases day after day. Reporting phishing and spam inside Gmail is all well and good but it doesn’t help anyone outside GoogleMail nor solves the issue at heart.

I can only assume the recent increase in scamming and phishing is because either:

Currently “hot news” is the fact that Firefox, Mozilla and Safari browsers have been demonstrated as susceptible to a new form of phishing attack.

Basically all these browsers support International Domain Names (IDN) that let you use the full Unicode set of foreign characters and symbols, and some of these foreign characters while technically different from the Latin ones look identical. In the case demonstrated they have used the Arabic aa to replace a Latin aa in “PayPal” to get another site. This isn’t really anything new, even the original RFC commented on how this would be a problem and the IETF issued guidelines that would have limited their scope if only Verisign actually implemented them. (Specifically the guideline for preventing mixing of languages within a domain name would reduce the scope for attack considerably).