martes, 18 de abril de 2017

How to prevent Punycode Phishing Attacks

What is Punycode Phishing Attacks?

It's a intentionally malformed url to "appears to" a well known url, using special characters that looks like "normal" one but aren't the same.

For example:

The second one points to a different domain that it isn't under control of apple, so if we use our user&password to try login we are revealing it to the attacker.

Imagine the same situation with the url of your bank.

The solution

 Use Punycode Alert a Chrome Extension that shows a Warning when you visit a malformed url

Chrome will release a new version of his browser this month

0 comentarios:

Publicar un comentario