Programming Blog
Web development , php , ajax , symfony, framework, zend
PayPal vs Fake PayPal: Can You Tell the Difference? [PIC]
In: web resources
2 Jan 2010
Back in October, we wrote about a new policy approved by the Internet Corporation for Assigned Names and Numbers (ICANN) that will allow non-Latin domain names to be registered in early to mid 2010. This is really exciting for Internet users in areas that use non-Latin alphabets (like Arabic, Japanese, Chinese and Cyrillic), who have spent the last fifteen years without full domain opportunities.
However, as the Times Online pointed out this week, this international progress also has some potentially disastrous opportunities for scammers and phishing sites. This is because of the characters that render the same way (despite different meanings) in different scripts. For instance, Cyrillic scripts, which is the basis for the Russian language, shares some of the same letterforms as the Latin alphabet. What this means is that potential evil-doers could register a domain using non-Latin characters that appears to spell out a Latin word.
Example: Real PayPal.com Versus Fake PayPal.com
The Times Online article uses PayPal — already a frequent phishing target — as an example.
If the domain, created using Cyrillic scripts “raural.com” was registered, the way that Unicode-browsers will actually render that domain in latin is as “paypal.com.” In theory, phishers could pass around that link and set up a fake version of the PayPal site to harvest logins and credit card data.
I’ve made this graphic for even better illustration:
Pretty scary, no? As of right now, ICANN hasn’t instituted any policies of trying to protect these kinds of situations, meaning it might be that much more difficult for even normally cautious users to avoid being scammed. Of course, a certain amount of the success of these scams is determined by how well different mail and browsing programs handle Unicode. However, most modern browsers and operating systems have strong Unicode support, which makes deciphering the differences that much more difficult.
Not all Latin letters are represented in Cyrillic, for instance, but for companies that can have their brand compromised, we hope they look at locking those domains up quickly.
Tags: ICANN, IDN, international domain names, phishing scams, security
Comment Form
About this blog
This blog delivers stylish and dynamic news for designers and web-developers on all subjects of design, ranging from: CSS, Ajax, Javascript, web design, graphics, typography, advertising & much more. Our goal is to help you communicate effectively on the web with an engaging website or functional interface.
3 Responses to PayPal vs Fake PayPal: Can You Tell the Difference? [PIC]
mubeweras
March 13th, 2010 at 2:07 am
You need to register your business in your province and with your national government.
Whatever the Canadian version of the American IRS should be notified too.
Paypal is legal in Canada as is Google checkout.
Using legal payment methods is not the only requirement to making your business legal.
emily_etie
March 19th, 2010 at 6:17 am
Oh, I am a wiz at this. There a hundreds of websites to choose from. Here are some sources:
Just type whatever you're looking for on the google search and make sure you add, "…for the sims 2…" and thousands of lists should pop up.
The ones I listed are some of the best. Sim Away!
James
March 19th, 2010 at 12:49 pm
There is now law that protects private individuals from true and accurate reporting about themselves, as long as the information is legally obtained. The difference between private and public figures comes when you get into the realm of false information. Private individuals only have to show that a false statement is actually false to prevail on defamation claims. There is a general principle, established by courts, that public figures have to meet a high burden of proof in defamation cases, showing that the person reporting showed "actual malice" in reporting what they did. Because of this, supposedly private information is more freely reported about public figures.