[UA-EAI] Final version: “Considerations for Naming Internationalized Email Mailboxes”
Arnt Gulbrandsen
arnt at gulbrandsen.priv.no
Tue Sep 22 07:56:52 UTC 2020
On Tuesday 22 September 2020 04:52:01 CEST, Jiankang Yao wrote:
> Do we need to add some discussion about "visual similarity of
> the string " to reduce the phising attack?
IMO no.
Phishing attacks don't rely on that, anyway. They send mail from addresses
like these:
From: Amazon Security Team <fjhkasdgfhj at jsdfkff.ea>
From: Amazon <info at amazoncsteam.kadingabob.tw>
From: Amazon Customer Service <amazon45432135 at outlook.com>
From: Amazon <info at amazon-security-team2.in>
Judging by how much effort the phishers put into the styling and logos in
the message body, and how little they put into the choice of domain, visual
domain similarity seems like a very minor factor.
Arnt
More information about the UA-EAI
mailing list