Premium
Overview of phishing landscape and homographs in Arabic domain names
Author(s) -
Ahmad Humza,
Erdodi Laszlo
Publication year - 2021
Publication title -
security and privacy
Language(s) - English
Resource type - Journals
ISSN - 2475-6725
DOI - 10.1002/spy2.159
Subject(s) - phishing , arabic , computer science , domain (mathematical analysis) , domain name , world wide web , internet privacy , the internet , linguistics , mathematics , philosophy , mathematical analysis
In this paper, we summarize the latest social engineering phishing attack types with the focus on domain name manipulation. Providing a fake domain is a crucial part of phishing attacks that can be carried out with different techniques such as cybersquatting, typosquattings, or homographs. We argue that homographs with special International Domain Names can be very serious threat for many users that can hardly be identified. We present the analysis of phishing attacks with Arabic domains and conclude that because of the linguistic complexity of the Arabic language and the missing support by the industrial tools expose millions of users to sophisticated domain manipulation based phishing attacks. To reduce the future risk of homograph attacks originating from Arabic internationalized domain names (IDNs) we suggest a change to the registration policy. We also present a browser extension to assist against homographs in current Arabic IDN namespace.