IDN Forums - Internationalized Domain Names  
Home | Advertise on idnforums | Premium Membership

Go Back   IDN Forums - Internationalized Domain Names > IDN Discussions > General Discussion

General Discussion Feel free to talk about anything and everything in this board.

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 30th July 2008, 05:47 AM
IDNer's Avatar
Senior Member
 
Join Date: Sep 2005
Location: IDNs.pro & IDN.club
Posts: 1,584
iTrader: (38)
Rep Power: 1692
IDNer will become famous soon enoughIDNer will become famous soon enoughIDNer will become famous soon enoughIDNer will become famous soon enoughIDNer will become famous soon enoughIDNer will become famous soon enoughIDNer will become famous soon enoughIDNer will become famous soon enough
Send a message via MSN to IDNer
Can you tell a good URL from a bad one?

Can you tell a good URL from a bad one?

Markus Jakobsson July 29, 2008

Quote:
Look at these three URLs: http://democratic-party.us, http://wachovia.pin-update.com, http://accountonline.com

Can you tell which (if any) correspond to legitimate service providers? Do you think the average Internet user can tell, too?

In fact, most people have no idea how to tell a good URL from a bad one. A recent Indiana University study I co-authored with Jacob Ratkiewicz (download PDF) showed that Internet users are not the least suspicious of so-called cousin-name domains. A cousin-name domain is a URL like http://www.democratic-party.us that is "semantically correct" - in this case it makes it look like it should belong to the Democratic Party. The study also showed that most people do not identify sub-domain attacks in which the subdomain is used to semantically defraud -- like http://www.wachovia.pin-update.com has nothing to do with Wachovia.

Part of the problem is that people are people, not string matching machines. We are just not very good at remembering things verbatim, but we are pretty good at making sense of cues - which is what gets us into trouble. But that's not all. The problem is made worse by companies that register and use domains that have nothing in particular to do with their brand. Like http://www.accountonline.com, which belongs to CitiBank and is used to access credit card accounts. Why not use the regular citibank.com domain? Or at least citicards.com? Now, CitiBank is not the only financial institution that uses weird domains ... unfortunately, this is the rule rather than the exception.

What should we conclude from this? First of all, phishers and crimeware authors will make increasing use of deceptive domain names. This means that blacklisting will become less and less meaningful and that we will have to rely on whitelisting, heuristics, and our own ability to be careful. Not a happy thought.

What do we need to do? First of all, we need to educate our users (see http://www.SecurityCartoon.com and http://cups.cs.cmu.edu/antiphishing_phil/ for two lighthearted approaches). Second, service provides need to think about what domains they use and how any inconsistencies may come back to haunt them. And third, we need to develop tools that recognize what people can and cannot do.
http://www.itworld.com/tech-society/...od-url-bad-one
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT. The time now is 06:29 PM.

Site Sponsors
Your ad here
buy t-shirt
מחיר הזהב

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
Search Engine Friendly URLs by vBSEO 3.3.0
Copyright idnforums.com 2005

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54