Technion researchers warn: Faking websites is easier than ever

Three years ago, researchers Evgeniy Gabrilovich and Alex Gontmakher gave the phenomenon a name: homographic attack.

Researchers at the Technion - Israeli Institute of Technology have warned that creating phony sites on the Internet is very simple, and poses a grave danger to unwary surfers.

The Technion announced this week that many articles have recently been published worldwide recalling the warning that doctoral students Evgeniy Gabrilovich and Alex Gontmakher of the Faculty of Computer Science published three years ago in the journal "Communications of the ACM (CACM)". At that time, Gabrilovich and Gontmakher termed the phenomenon "homographic attack." In the article, the pair claimed that in light of initial attempts to register sites in various languages, not just English, phony sites were becoming a danger.

“The need to register sites in other languages is obvious,” they noted. “For example, many Chinese find it difficult to get into Chinese sites because the site names are in English. The solution was found also writing the site name in another language. This requires technological changes in the Internet.”

At the time, the researchers warned, “When this solution is fully realized, it will be very easy to fake sites. Sites names will be integrated with letters from various languages and alphabets that are identical in form to Latin letters and will be able to impersonate the original sites. Thus, for example, we can receive e-mail supposedly from our bank asking for an information update. Clicking on the link will bring us to a site identical in every way to the one of the real bank. The phony site will get our information name, identity number, password. Another danger is faking sites used to transfer various payments to suppliers.”

Three years ago, in order to prove the feasibility of their warning, the two Technion researchers registered a phony Microsoft site, using Cyrillic letters instead of Latin ones. But in this case, surfers who reached the site were told that it was a demonstration site set up for research purposes. At the time, publication of the warning elicited numerous reactions around the world and various organizations distributed the warning.

Since then, technology has developed and today nearly every browser enables access to sites with names written in various languages. Microsoft Explorer is the only browser that does not allow registering sites in non-Latin letters, and therefore, the researchers say, it is relatively safe. Nevertheless, it does not provide the service that other browsers provide to millions of non-English speakers.

Gabrilovich and Gontmakher said that when forgers succeed in convince search engines to put phony sites on their lists, the danger will be very real. This could be carried out by creating many links to the phony site. Search engines evaluate site popularity on the basis of these links.

“The danger is mainly from stealing passwords to secured sites that will enable large-scale fraud and serious damage to the reputation of companies,” the Technion researchers stressed.

Published by Globes [online], Israel business news - www.globes.co.il - on Thursday, February 17, 2005

5 Comments
View comments in rows
Update by email about comments talkback
POST
Comments
Twitter Facebook Linkedin RSS Newsletters גלובס Israel Business Conference 2018