« Castle in the Clouds | Main | What To Do? »

February 18, 2005

The Difficult Internet, Part 1: In the Clever Evil Phishers Dept...

Last weekend, to my mom's horror and indignation, I explained "phishing" and how web users are at risk to it. The example I used was paypal.com versus paypel.com, a small but distinguishable vowel shift that could viably crop up either as a typo or as a phish attempt via email etc. "They can do that?!" she exclaimed, "Wow, I had no idea! That's so dangerous."

Yes, I've been thinking for a while that this whole internet thing has spectacularly failed to become easier to use since, oh, ARPANET. Online life is still too tricky for all except the 1337.

Anyways, this jives with a difficult conceptual problem as the web moves to allow Unicode chars in domain names. Suddenly, my example to my mom seems quaint. This stuff is subtle and hard. For the record, good going on the FireFox team for disabling IDN until they work out the issue. Protect your users and they will love you for it. Right, MSFT & APPL? Right Verisign? Right, all ye TLD registrars who allow obvious phish attempts to register domains?

Want an example?
IDNSpoof.jpg

Trackback Pings

TrackBack URL for this entry:
http://chattablogs.com/mt/mt-tb.cgi/18717

Listed below are links to weblogs that reference The Difficult Internet, Part 1: In the Clever Evil Phishers Dept...:

Comments

Post a comment










Remember personal info?