How Non-Latin Domain Names Could Be Used to Steal Your Money

Illustration for article titled How Non-Latin Domain Names Could Be Used to Steal Your Money

Unicode is great because it supports multiple languages simultaneously, bringing international understanding, universal peace, and planetary love. And so is ICANN's decision to allow domain names that use non-Latin alphabets. Until both combine to steal your credit card numbers.


Or your login name, passwords, address, or whatever other data a phishing site can get from you.

Until now, there was an easy way to test if a site was legit or not: You just look at the browser URL. If it's not or or, then it's not those companies' web sites, no matter how well they clone their layout and graphics.

The problem will come in 2010. That's when sites' URLs would start popping in non-Latin alphabets like Cyrillic. And that's when there will be cases of mistaken identity: Just check the image above, in which the russian word "raural" becomes "paypal." According to trademark expert Charlie Abrahams, of MarkMonitor:

The risk for general brand abuse is going to increase exponentially. It's difficult enough in English. At present, most e-mail phishing does not use anything that resembles the real site name. We could see the level of sophistication in phishing attacks increased by the use of foreign languages.

Can you see what this is going to be bring? Yes, unless someone comes up with rules soon, this will bring a big bag full of hurt. [The Times via Masable]

Note: To those readers who said there's no "l" in the Cyrillic alphabet, you are right, there's no "l" in traditional Cyrillic, but there is in the extended Cyrillic supported by Unicode.



Dean Collins

lol @jesus - you couldn't even plagiarize an article properly.

as i explained in the comments on the mashable site there is no cyrillic form for "L" in paypal that can be used in a url.

In addition you cant mix languages in a url (eg all english or all russian - all chinese or all korean etc). So you cant just substitute... certain letters (which is what i originally was trying to do).


Feel free to get in touch if you have any questions.


Dean Collins