[Standards-JIG] proto-JEP: Best Practices toPrevent PhishingAttacks on the Jabber/XMPP Network

Trejkaz trejkaz at trypticon.org
Thu Nov 17 01:02:42 UTC 2005


> Tomasz Sterna wrote:
>> 2005/11/16, Ian Paterson <ian.paterson at clientside.co.uk>:
>>> Perhaps you could (also) provide a more realistic example e.g. the
>>> substitution of one letter wih a number.
>>
>> Or l with I. With most non-sherif fonts these are literally
>> unrecognisable.
>
> Sure. The example people always use is paypa1.com (with the number
> "one") vs. paypal.com (with the letter "el") so perhaps I'll use that. I
> kind of like that Cherokee example, though. ;-)

Hmm... interestingly, "1 vs. l" would only trick people using serif, while
"l vs I" would only trick people using sans-serif.  But international
characters are certainly more fun.

The classic example of the internationalised characters being used would
be the Cyrillic A.

TX





More information about the Standards mailing list