Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    August 2015
    S M T W T F S
    « Jul    
  • Email Subscription

  • About Us

    Late last year, Trend Micro senior threat researcher Ben April discussed the security implications of using internationalized domain names (IDNs). IDNs are domain names that use non-English/non-ASCII characters. As Ben discussed, there are several ways by which cybercriminals can abuse IDNs and use these in their malicious attacks. Today, we saw such abuse, as spammers used IDNs as spam URLs.

    We recently got hold of a spam sample that contained a Russian IDN URL:

    Click for larger view Click for larger view

    The availability of IDNs gives spammers more room to create spam domains. Since domain names are no longer limited to just English characters, non-English domains can also be registered. As such, more domains can be used and housed for spamming activities. Other spammers can also use the punycode version of URLs, which is the encoding syntax for the IDN in ASCII format. This will require more effort for signature blocking or blacklisting.

    More spammed messages such as the one above indicates that IDN URL usage for spamming may increase in number as time goes by.

    The Trend Micro™ Smart Protection Network™, through the Web reputation technology protects users from threats that may be delivered using IDNs.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice