Phishing

Introduction

Phishing is a method used by attackers to trick you into disclosing personal information such as username, password, credit card and banking information. The goal for the attacker is to steal your information and/or your money. The information gathered can be used to open fraudulent accounts in your name or make purchases using your financial information. Phishing attacks commonly use email, phone calls or social media to trick you into revealing your personal information.

Punycode Phishing Attacks

The curiously-named system known as Punycode is a way of converting words that can’t be written in ASCII, such as the Ancient Greek phrase ΓΝΩΘΙΣΕΑΥΤΟΝ (know yourself), into an ASCII encoding, like this: xn--mxadglfwep7amk6b. This makes it possible to encode so-called International Domain Names (IDNs)

Punycode Phishing Attacks

If your web browser is displaying “apple.com” in the address bar secured with SSL, but the content on the page is coming from another server (as shown in the above picture), then your browser is vulnerable to the homograph attack (Punycode).

Attacker can register a domain name xn--80ak6aa92e.com and bypass protection, which appears as “apple.com” by all vulnerable web browsers, including Chrome, Firefox and Opera.

Punycode Phishing Attacks 1

PhishTank: PhishTank is a collaborative clearing house for data and information about phishing on the Internet.

Typosquatting: Typosquatting, also called URL hijacking, a sting site, or a fake URL, is a form of cybersquatting, and possibly brandjacking which relies on mistakes such as typos made by Internet users when inputting a website address into a web browser. Should a user accidentally enter an incorrect website address, they may be led to any URL (including an alternative website owned by a cybersquatter)

MTvScan Detection Techniques

MTvScan detects possible Suspicious Punycode Phishing Urls.

It find similar-looking domains an attacker can use to attack you.

It detects Typosquatting Urls.

It tests if MX host (mail server) can be used to intercept misdirected e-mails.

It provides PhishTank data to give you PhishTank reported phishing urls.


1 Comment

Viruses, Malwares & Protection of Systems & Web Assets | | · July 6, 2018 at 6:29 am

[…] ESDS’ MTvScan – Malware, threat and security scanner — has been developed specifically to safeguard web assets. Tools like MTvScan are growing popular among organizations since they can detect thousands of types of malware. Equipped deep and proof-based scanning, the MTvScan software performs activities like robust link crawling, banner grabbing, CMS detection, Malware Scan including page defacement, JS Codes, Iframe check, etc., Content Change Monitoring, OWAS Audit, LFI RFI detection, domain reputation check, SSL Scan and phishing. […]

Leave a Reply

Your email address will not be published. Required fields are marked *