Communications of the ACM - Ontology: different ways of representing the same concept
The battle against phishing: Dynamic Security Skins
SOUPS '05 Proceedings of the 2005 symposium on Usable privacy and security
Protecting Users Against Phishing Attacks with AntiPhish
COMPSAC '05 Proceedings of the 29th Annual International Computer Software and Applications Conference - Volume 01
Stronger password authentication using browser extensions
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Exposing homograph obfuscation intentions by coloring unicode strings
APWeb'08 Proceedings of the 10th Asia-Pacific web conference on Progress in WWW research and development
Finding homoglyphs: a step towards detecting unicode-based visual spoofing attacks
WISE'11 Proceedings of the 12th international conference on Web information system engineering
Sophisticated phishers make more spelling mistakes: using URL similarity against phishing
CSS'12 Proceedings of the 4th international conference on Cyberspace Safety and Security
PhishCage: reproduction of fraudulent websites in the emulated internet
Proceedings of the 6th International ICST Conference on Simulation Tools and Techniques
| Hi-index | 0.00 |
Address spoofing is a common trick used in phishing scams to confuse unsuspecting users about a Web site's real origin. With the introduction of Unicode characters into domain names, also known as Internationalized Domain Names (IDN), the risk has significantly increased even for the most cautious users. The author explores the various types of address spoofing attacks focusing on IDN, and presents a novel client-side Web browser plug-in Quero which implements several techniques---including highlighting---to protect the user against visually undistinguishable address manipulations.