Phoiling Phishing at WWW2006

ckunte.com | Why phishing works

ckunte.com | Why phishing works — Mon, 29 May 2006 09:13:52 GMT

PingBack from http://ckunte.com/archives/2006/05/28/why-phishing-works

re: Phoiling Phishing at WWW2006

Viktor Krammer — Mon, 29 May 2006 16:24:54 GMT

Hello,

I have focused on another aspect of Phishing regarding security issues introduced with Internationalized Domain Names (IDN). The following paper gives an overview of address spoofing attacks and how to specifically deal with the emerging risk of IDN spoofing. I have also implemented and tested the proposed ideas in my free IE add-on Quero.

http://www.quero.at/papers/idn_spoofing.pdf

Viktor

re: Phoiling Phishing at WWW2006

tako — Tue, 30 May 2006 04:48:47 GMT

Sorry for my ignorance, but what is Phoiling Phishing?

re: Phoiling Phishing at WWW2006

EricLaw [MSFT] — Tue, 30 May 2006 23:59:16 GMT

@Tako: This could be rewritten "Foiling fradulent web sites". Using a "ph" instead of a "f" is a fairly common thing in hacker circles.

re: Phoiling Phishing at WWW2006

Dave — Wed, 31 May 2006 10:58:15 GMT

Phishing is definitely a geek term, you should use a more descriptive term in all IE UI.

If someone see's a phishing filter and doesn't know what the term is, how will the feature help them? (and also they'll probably think that someone in the team can't spell 'fishing')

re: Phoiling Phishing at WWW2006

Pacero — Fri, 09 Jun 2006 12:30:32 GMT

I mean, that more of pishing end when email communication will be secured and more of spam be filtered at SMTP layer e.g. by SPF or another technology.