<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p>Hello, all:</p>
<p>I would like to contribute my suggestions for this IDN Phishing
release.</p>
<p>My suggestion is about framing. It looks like the core framing
that got traction 12 days ago is "Phishing with Unicode Domains".
That is, domains ought to be ASCII, Unicode domains are this
innovation, and it opens a hole. I suggest we confront that
framing head-on, re-frame, and then respond within our own
framing. That's what I've tried to do.</p>
<p>I moved the reference to the term Internationalized Domain Names
out of the first paragraph. The first paragraph summarises the
homograph attack. I introduce the term IDN in its own paragraph,
in the context of making the Internet globally accessible. Thus:
the Internet ought to be global, domain names ought to be global,
IDNs help make domain names global, and the great benefits this
brings outweigh the fact that it adds a few tools to the
scammer's toolkit. <br>
</p>
<p>I also try to frame the scammers as having many tools in their
toolkit, and homograph attacks are a minor part of that toolkit.</p>
<p>I will borrow Jothan's excellent metaphor: treat my redline as a
buffet, put on the tray what works.</p>
<p> --Jim DeLaHunt, Vancouver, Canada<br>
</p>
<p>P.S. I think the Reddit conversation at &lt;<a
href="https://www.reddit.com/r/netsec/comments/65csdk/phishing_with_unicode_domains/">https://www.reddit.com/r/netsec/comments/65csdk/phishing_with_unicode_domains/</a>&gt;
needs a reply that centres the Universal Acceptance and IDNs. I'll
have a go at that also.<br>
</p>
<p><br>
</p>
<div class="moz-cite-prefix">On 2017-04-24 14:40, Don Hollander
wrote:<br>
</div>
<blockquote
cite="mid:DE9A8CD6-9034-4F96-96F6-15046330F9DD@icann.org"
type="cite">
<div class="WordSection1">
<p class="MsoNormal"><span style="font-size:11.0pt" lang="EN-US">Further
to recent discussion on this list, we have drafted a
document that we plan on posting as a Blog Post to the UASG
Web site that can be referenced by others.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt" lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt" lang="EN-US">We
want to get feedback from the community on this document by
Thursday UTC.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt" lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt" lang="EN-US">So,
here it is – pasted below and as a word document in case you
want to enable tracking and make amendments. If you have
comments or suggestions, please share them to this group.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt" lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt" lang="EN-US">Don<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt" lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt" lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt" lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><a moz-do-not-send="true"
name="_Hlk480546462"><b><span style="font-size:11.0pt"
lang="EN-US">IDNs and Phishing: What You Need to Know<o:p></o:p></span></b></a></p>
<p class="MsoNormal"><span style="font-size:11.0pt" lang="EN-US">By
TBD at UASG <o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt" lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt" lang="EN-US"><a
moz-do-not-send="true"
href="https://www.icann.org/resources/pages/idn-2012-02-25-en">Internationalized
Domain Names</a> (IDNs) are growing in popularity, a
testament to their role in the expansion of the global
Internet and the value they provide in connecting
non-English speakers to the Web. However, you may have
noticed a renewed focus over the past week on a script-mixing
technique that phishing scammers could potentially
use to trick Internet users into visiting malicious
websites. This phishing method takes advantage of the fact
that characters from various languages and scripts are
sometimes visually similar to each other. For example, the
Cyrillic “</span><span style="font-size:11.0pt" lang="RU">а</span><span
style="font-size:11.0pt" lang="EN-US">” and the <a
moz-do-not-send="true"
href="https://en.wikipedia.org/wiki/ASCII">ASCII</a> “a”
look virtually identical. This technique is known as a
homograph attack. <o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt" lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt" lang="EN-US">Homographic
phishing efforts associated with IDNs are not new. In fact,
they date back to the early 2000s. Registries have since
implemented policies that preclude mixing scripts<a
moz-do-not-send="true" style="mso-footnote-id:ftn1"
href="#_ftn1" name="_ftnref1" title=""><sup><sup><span
style="font-size:11.0pt;font-family:Calibri;mso-fareast-language:EN-US"
lang="EN-US">[1]</span></sup></sup></a> within a
domain name label.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt" lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt" lang="EN-US">While
this issue should be taken seriously and serves as an
important reminder of consumer safety, various IDN and
anti-abuse groups are actively working to mitigate potential
threats, and there are already certain browser-set
protections in place. In the meantime, Internet users should
practice the same basic security hygiene that is always
recommended: avoid clicking suspicious links, and use a good
password manager that will only enter login credentials on
trusted sites. <o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt" lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt" lang="EN-US">Equally
important is to recognize the benefits of IDNs and avoid
disabling them, which could lead to an unpredictable user
experience and eventually a decrease in adoption. IDNs are
essential in bringing non-English speakers – the majority of
the world’s population – online, and allowing those users to
create their own highly relevant online identities as well
as navigate the Internet in their native languages. In
addition to the social and cultural benefits of IDNs, they
also represent a significant economic opportunity; a recent
<a moz-do-not-send="true"
href="https://uasg.tech/whitepaper/">report</a>
commissioned by the Universal Acceptance Steering Group
(UASG) found that online spending from new IDN users could
start at USD 6.2 billion per year. <o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt" lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt" lang="EN-US">The
UASG’s mission is to help software developers and website
owners keep pace with the evolving Domain Name System (DNS)
– and this includes issues around the adoption and
acceptance of IDNs. If you’d like to get involved in helping
work toward a solution to this and other IDN-related issues,
please visit <a moz-do-not-send="true"
href="https://uasg.tech/">https://uasg.tech/</a> or <a
moz-do-not-send="true" href="https://uasg.tech/contact/">get
in touch</a> to learn more. <o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt" lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt" lang="EN-US"><o:p> </o:p></span></p>
</div>
<div style="mso-element:footnote-list"><br clear="all">
<hr align="left" size="1" width="33%">
<div style="mso-element:footnote" id="ftn1">
<p class="MsoFootnoteText"><a moz-do-not-send="true"
style="mso-footnote-id:ftn1" href="#_ftnref1" name="_ftn1"
title=""><span class="MsoFootnoteReference"><span
lang="EN-US"><span class="MsoFootnoteReference"><span
style="font-size:12.0pt;font-family:Calibri;mso-fareast-language:EN-US"
lang="EN-US">[1]</span></span></span></span></a><span
lang="EN-US"> </span><span lang="EN-SG">Exceptions are
practiced for languages with established orthographies and
conventions that require the commingled use of multiple
scripts, e.g. the Japanese writing system.</span><span
lang="EN-US"><o:p></o:p></span></p>
</div>
</div>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
--Jim DeLaHunt, <a class="moz-txt-link-abbreviated" href="mailto:jdlh@jdlh.com">jdlh@jdlh.com</a> <a class="moz-txt-link-freetext" href="http://blog.jdlh.com/">http://blog.jdlh.com/</a> (<a class="moz-txt-link-freetext" href="http://jdlh.com/">http://jdlh.com/</a>)
multilingual websites consultant
355-1027 Davie St, Vancouver BC V6E 4L2, Canada
Canada mobile +1-604-376-8953
</pre>
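<p>Added example, not part of either message or of any UASG or registry code: a sketch of the per-label mixed-script check the quoted draft describes, with an allow-list for the kind of exception its footnote mentions. The script lookup by Unicode character name, the <code>ALLOWED_MIXES</code> table and all function names are assumptions made for illustration.</p>

```python
import unicodedata

# Script sets that may legitimately share one label. Constructed allow-list
# modelled on the footnote's Japanese example, not a registry's real table.
ALLOWED_MIXES = [
    {"HIRAGANA", "KATAKANA", "KATAKANA-HIRAGANA", "CJK", "LATIN"},
]
NEUTRAL = set("0123456789-")  # shared by every script


def char_script(ch):
    """Approximate a script from the first word of the Unicode name.

    Python's standard library does not expose the Unicode Script property,
    so this is an assumption that holds for the common scripts used here.
    """
    if ch in NEUTRAL:
        return None
    name = unicodedata.name(ch, "")
    return name.split(" ")[0] if name else "UNKNOWN"


def decode_label(label):
    """Decode an ACE ("xn--") label to Unicode; pass other labels through."""
    if label.lower().startswith("xn--"):
        return label[4:].encode("ascii").decode("punycode")
    return label


def label_scripts(label):
    """Return the set of scripts that appear in one domain name label."""
    found = {char_script(ch) for ch in decode_label(label)}
    found.discard(None)
    return found


def is_mixed_script(label):
    """True when a label mixes scripts outside every allowed combination."""
    scripts = label_scripts(label)
    if len(scripts) in (0, 1):
        return False
    return not any(scripts.issubset(ok) for ok in ALLOWED_MIXES)


def check_domain(domain):
    """Map each offending label of a domain to the scripts it mixes."""
    return {lab: sorted(label_scripts(lab))
            for lab in domain.split(".") if is_mixed_script(lab)}
```

<p>A label written entirely in one script passes this check even when it resembles a name in another script, so the check covers only the mixed-script case.</p>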
</body>
</html>