Spammers Abusing IDN

Spam mailers, it's said, are exploiting IDN (Internationalized Domain Names) for promoting websites on spam advertisements and penis pills, thus published The Register in news on March 1, 2011.

Warned the MessageLabs Intelligence team of Symantec.cloud, spammers were abusing IDN so they might divert users onto spam websites through web-links they embedded on their spam messages. In this connection, Senior Software Engineer of MessageLabs named Nick Johnston outlined one German spam mail found recently that advertised enhancement drugs while providing web-links that took onto a well known site for URL condensing.

Johnston said that anybody following one of the said web-links was initially diverted onto a Cyrillic type domain name bearing Internet site. That site remained for a moment after which it diverted the user onto another website that asserted as being a Swiss pharma site, he continued. V3.co.uk published this on February 28, 2011.

Furthermore according to Johnston, MessageLabs Intelligence thought that IDN would be increasingly utilized in spam during the forthcoming months particularly because unregistered IDNs might be simpler for acquiring. The Register published this on March 1, 2011.

Johnston added that a few registrars expectedly would encourage a great amount of IDN adoption while offering a few low-priced registries similar to the domains widely used that were introduced during the past years.

Significantly, the recipients aren't expected for realizing that they're navigating through any IDN till the time they closely read the address bar in their browser whilst the momentarily-staying site is open.

Stated Symantec MessageLabs' Paul Wood, IDN's key influence to manipulate anti-spam filters was related to the precise way spammers utilized IDN. Addition of URLs in the manner of Bootstring meant spam-filtering was more or less straightforward, he said. The Register published this on March 1, 2011.

But, according to Wood, incase IDN URLs weren't included in Bootstring manner then it meant more work, especially in light of the multiple encodings of characters with which the said characters could be represented. For conversion to IDN, it would be necessary for converting the characters into Unicode followed with running algorithms prior to eventually performing Bootstring conversion, the expert explained.

Related article: Spammers Continue their Campaigns Successfully

» SPAMfighter News - 3/9/2011