.Asia registry to crack down on phishy domains

.Asia registry to crack down on phishy domains

The registry for the .asia TLD plans to ban domains associated with phishing.

The registry for the new .asia TLD (top-level domain) plans to ban domain names that are consistently used for phishing sites.

DotAsia Organization has agreed to implement a policy to ban domain names associated with phishing, said Laura Mather, of the Anti-Phishing Working Group (APWG), a consortium of companies and government groups that studies phishing. She is also a senior scientist at MarkMonitor.

It's the first time that a registry has undertaken such a drastic action to stop the proliferation of fake Web sites designed to dupe people into divulging sensitive personal data. Registries are organizations that oversee technical implementation of TLDs.

Phishing remains a huge problem despite improvements in security technology. Phishers attract people to their sites by sending links through spam e-mails. The sites, which spoof well-known brands with similar-looking domain names, are usually kicked off the Internet by Internet service providers after they receive reports that a site is fraudulent.

Often, the phisher switches hosting providers using the same domain name and the game repeats.

Phishers are also increasingly using a technique called "fast flux," which is designed to ensure a Web site is always available. Fast flux allows a Web site to resolve to numerous different IP (Internet Protocol) addresses. If one server fails, a person browsing for the site is automatically redirected to another server hosting it.

Phishers are using fast flux with their sites, meaning the site's IP address changes every few minutes, redirecting to countless servers, all of which would have to be taken down. Fast flux makes it very difficult to keep a site off the Internet, turning antiphishing efforts into an endless game of chase.

"This is the weakest link online today in Internet security," wrote Gadi Evron, a security evangelist with Beyond Security. "We need to be able to get rid of domain names."

But if the TLD registry takes the domain name out of its system, the site will go down permanently, although there are some technical exceptions. One problem is a feature of the Internet's architecture designed to reduced the burden on nameservers, which match a domain name with its corresponding IP address and enable a Web site to be delivered in a browser.

When a person visits a particular Web site, a local nameserver caches the IP address of the domain name. How long the local nameserver refers to its cached record for a Web site is a feature called "time-to-live," which is set by the owner of the Web site and remains in the official DNS (Domain Name System) record for the site.

The problem would come if a registry bans a domain name, but that DNS record is still cached in local nameservers, which would still direct a person browsing to the address, Mather said.

"That's something we are still trying to deal with the technical implementations around," Mather said. "We've got really smart people thinking about it, so there may be something we can do."

Overall, the plan isn't the silver bullet against phishing, Mather said. Phishers could, of course, continue to register new domain names spoofing brands and use fast flux. But they wouldn't be able to use the same domain name over and over again, depriving them of what could be very convincing-looking domain names tricking Internet users.

ARN Survey on MSPs
ARN needs to profile the Managed Service Provider (MSP) in YOU!, so please spare a moment and TAKE THE MSP SURVEY NOW

Follow Us

Join the ARN newsletter!

Error: Please check your email address.



IN PICTURES: Veritas end of year party in Melbourne (+45 photos)

IN PICTURES: Veritas end of year party in Melbourne (+45 photos)

Veritas recently hosted its end-of-year event for its partners and customers at Club 23, Crown Towers in Melbourne. As the company is progressively launching its new company and brand – all things red was the theme for the evening. Veritas' Paul Simos made his thank you speech while guests mingled amongst drinks and food. Here are some pictures from the evening.

IN PICTURES: Veritas end of year party in Melbourne (+45 photos)
IN PICTURES: QNAP enterprise launch VIP event (+37 photos)

IN PICTURES: QNAP enterprise launch VIP event (+37 photos)

QNAP recently held a channel event for its key partners in Melbourne where its vendor partners took the opportunity to showcase their latest technologies. Some of them also took to stage and spoke about some of the current trends in the market. Here are some pictures from the Melbourne event.

IN PICTURES: QNAP enterprise launch VIP event (+37 photos)
IN PICTURES: IBM A/NZ Business Partner Symposium 2015 (+16 images)

IN PICTURES: IBM A/NZ Business Partner Symposium 2015 (+16 images)

​The newly revamped IBM A/NZ, including new channel boss, Rhody Burton, unveiled its One Channel programme as part of its 2015 Business Partner Symposium at Sydney's Luna Park. Photos By Allan Swann

IN PICTURES: IBM A/NZ Business Partner Symposium 2015 (+16 images) is a channel management ecosystem that automates all major aspects of the entire sales, marketing and service process, including data tracking, integrated learning, knowledge management and product lifecycle management.

Show Comments