Phishing Tricks

The ingenuity of phishers, spammers, virus writers, and certain viral Facebook app developers never ceases to amaze me. Almost as much as it angers me.

One phishing “trend” I’ve seen lately is to exploit the fact that most users don’t understand the difference or the significance of a “.” versus a “/” in a URL. Consider this phishing email that I received a few minutes ago:

So even users who have learned to examine a suspicious URL might be fooled: after all, the URL clearly contains “compassbank.com”, and near the beginning. Who would think that the “.” after “com” (instead of a “/”) makes all the difference in the world?

The geeky explanation: a domain owner can create any number of subdomains and name them whatever they want. Those names appear to the left of the purchased domain name, so a host name has to be read from the right: the registered domain is the part just before the top-level domain (“.com” here), and everything to its left is chosen by whoever owns that domain. I own wanderingstan.com, so I can easily create
google.wanderingstan.com
or
facebook.com.pictures.wanderingstan.com.
Given some context (e.g. an email like the one above) it wouldn’t be hard to convince average users that these are official google.com or facebook.com URLs.
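As an added illustration of that “read from the right” rule (example code written for this post, not something from Outfoxed or any other project), here is a small check that works out which domain a URL really belongs to and flags URLs that merely mention a brand somewhere else in the host or path. The suffix set and the brand list are constructed stand-ins: a real check would load the full Public Suffix List, and the brand list would come from whatever service is publishing the trust information.

```python
from urllib.parse import urlsplit

# Constructed, deliberately tiny stand-in for the Public Suffix List
# (publicsuffix.org). It only needs to cover the hosts used below.
PUBLIC_SUFFIXES = {"com", "org", "net", "co.uk"}

# Constructed list of registered domains whose names phishers like to borrow.
BRANDS = ["compassbank.com", "facebook.com", "google.com"]


def registrable_domain(host):
    """Return the registered domain of a host name (the public suffix plus one
    label), or None if the host is itself a public suffix or uses a suffix we
    do not know about."""
    labels = host.lower().rstrip(".").split(".")
    # Scanning from the left finds the longest matching suffix first, so
    # "example.co.uk" is handled before "example.uk" would be.
    for i in range(len(labels)):
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            if i == 0:
                return None  # nothing registered to the left of the suffix
            return ".".join(labels[i - 1:])
    return None


def check_url(url, brand_domains):
    """Return (owner, spoofed_brand).

    owner is the registered domain that actually controls the URL;
    spoofed_brand is the brand whose name appears somewhere in the URL even
    though the URL does not belong to that brand, or None."""
    if "//" not in url:
        url = "http://" + url  # urlsplit needs a scheme to find the host
    host = urlsplit(url).hostname or ""
    owner = registrable_domain(host)
    if owner in brand_domains:
        return owner, None  # genuinely the brand's own site
    lowered = url.lower()
    for brand in brand_domains:
        # "compassbank" from "compassbank.com": the name users recognise,
        # whether it sits in a subdomain label or after the first "/".
        if brand.split(".")[0] in lowered:
            return owner, brand
    return owner, None


if __name__ == "__main__":
    for sample in [
        "http://www.compassbank.com/login",
        "http://compassbank.com.pictures.wanderingstan.com/login",
        "http://wanderingstan.com/compassbank.com/login",
    ]:
        print(sample, "->", check_url(sample, BRANDS))
```

The second and third URLs both come back as owned by wanderingstan.com with “compassbank.com” flagged as the borrowed name: the first one plays the “.” trick from the email, the second hides the brand behind a “/” instead. Only the first URL is actually under compassbank.com’s control.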

This goes back to the original problem that I attempted to solve with Outfoxed: we cannot count on the masses to educate themselves on all the details of computer security. My mom will never consult the URL specification.

People want to, and need to, delegate their online protection to others that they trust. The trick is how to publish and communicate this trust information quickly. We’re still waiting for that solution.


(P.S. You can see I am using Outlook. For the record, I do not like Outlook. It sucks, and I will write more about this soon.)
