Punycode 用在多國語言網域上,可以用非 ASCII 方式建立「看起來像」的釣魚網站。
方法詳細說明如網站介紹:
It is possible to register domains such as "xn--pple-43d.com", which is equivalent to "аpple.com". It may not be obvious at first glance, but "аpple.com" uses the Cyrillic "а" (U+0430) rather than the ASCII "a" (U+0041). This is known as a homograph attack.
這時候真的跟有沒有綠色標籤等級的憑證有關了!
#Hack #Phishing #Unicode #Domain #新聞資訊 #網域
- Powered by Mxp.TW -FB2WP-