.Asia registry to crack down on phishy domains

The registry for the .asia TLD plans to ban domains associated with phishing.

The registry for the new .asia TLD (top-level domain) plans to ban domain names that are consistently used for phishing sites.

DotAsia Organization has agreed to implement a policy to ban domain names associated with phishing, said Laura Mather, of the Anti-Phishing Working Group (APWG), a consortium of companies and government groups that studies phishing. She is also a senior scientist at MarkMonitor.

It's the first time that a registry has undertaken such a drastic action to stop the proliferation of fake Web sites designed to dupe people into divulging sensitive personal data. Registries are organizations that oversee technical implementation of TLDs.

Phishing remains a huge problem despite improvements in security technology. Phishers attract people to their sites by sending links through spam e-mails. The sites, which spoof well-known brands with similar-looking domain names, are usually kicked off the Internet by Internet service providers after they receive reports that a site is fraudulent.

Often, the phisher switches hosting providers using the same domain name and the game repeats.

Phishers are also increasingly using a technique called "fast flux," which is designed to ensure a Web site is always available. Fast flux allows a Web site to resolve to numerous different IP (Internet Protocol) addresses. If one server fails, a person browsing for the site is automatically redirected to another server hosting it.

Phishers are using fast flux with their sites, meaning the site's IP address changes every few minutes, redirecting to countless servers, all of which would have to be taken down. Fast flux makes it very difficult to keep a site off the Internet, turning antiphishing efforts into an endless game of chase.

"This is the weakest link online today in Internet security," wrote Gadi Evron, a security evangelist with Beyond Security. "We need to be able to get rid of domain names."

But if the TLD registry takes the domain name out of its system, the site will go down permanently, although there are some technical exceptions. One problem is a feature of the Internet's architecture designed to reduced the burden on nameservers, which match a domain name with its corresponding IP address and enable a Web site to be delivered in a browser.

When a person visits a particular Web site, a local nameserver caches the IP address of the domain name. How long the local nameserver refers to its cached record for a Web site is a feature called "time-to-live," which is set by the owner of the Web site and remains in the official DNS (Domain Name System) record for the site.

The problem would come if a registry bans a domain name, but that DNS record is still cached in local nameservers, which would still direct a person browsing to the address, Mather said.

"That's something we are still trying to deal with the technical implementations around," Mather said. "We've got really smart people thinking about it, so there may be something we can do."

Overall, the plan isn't the silver bullet against phishing, Mather said. Phishers could, of course, continue to register new domain names spoofing brands and use fast flux. But they wouldn't be able to use the same domain name over and over again, depriving them of what could be very convincing-looking domain names tricking Internet users.

Join the PC World newsletter!

Error: Please check your email address.

Struggling for Christmas presents this year? Check out our Christmas Gift Guide for some top tech suggestions and more.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jeremy Kirk

IDG News Service

Most Popular Reviews

Follow Us

Best Deals on GoodGearGuide

Shopping.com

Latest News Articles

Resources

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Latest Jobs

Shopping.com

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?