As internet ‘spoofing’ gets better, users surf into sea of sharks

LAS VEGAS — It’s easier than ever to get waylaid on the internet, diverted to dangerous territory where scam artists await with traps baited for the unsuspecting user.

It’s all about devious misdirection, fumble-fingered typing and how our brains can confuse what our eyes see. Big money can await the clever scamster, and costs are rising for corporations and politicians who do not take heed.

The problems lie in the inner workings of the internet, and touches on issues like the vast expansion of the combination of words, dots and symbols that comprise internet addresses.

It’s no longer just .com, .net., .org and a handful of others. Now, there are 1,900 new extensions, known as top-level domains, things like .beer, .camera, .city, .dating, .party and .shop.

“We see a ton of them being used maliciously,” said Mikko Hypponen, chief research officer at Finnish security company F-Secure, who called the new endings “a big headache.”

The problems revolve around what computer scientists refer to as “spoofing” of the Domain Name System, or DNS, which has been called the phone book of the internet. It’s been going on for a while, and touches on what users type into the address bar of a browser window or click on at a website. There are new ways to make phony addresses look real.

“Creating a spoofed domain name, or even hijacking a domain name, has become a lot easier today,” said Israel Barak, chief information security officer at Cybereason, a cyber security firm based in Boston.

Just a few years ago, spoofing an internet address, say, microsoft.com, was primitive.

“You would have to maybe change that ‘i’ to a 1. I’m going to be M1crosoft with a 1 today, or even change the ‘o’ to a zero, or change the ‘t’ to a seven. For senior citizens with fuzzy vision like I’m starting to get, you might squint at that and say, ‘Looks like Microsoft to me,'” said Paul Vixie, chief executive of Farsight Security, a San Mateo, Calif., company.

An internet pioneer, Vixie has been involved in its governance for three decades. He is an architect of some of the protocols used in the DNS system and advises the non-profit Internet Corporation for Assigned Names and Numbers, the Los Angeles non-profit that serves as the guardrails for the borderless global internet.

But Vixie said the internet is still in its Wild West phase. He compared the online world today to the era of highways before seatbelts and airbags.

“It just takes us some time to catch up. First, you innovate, you kill a lot of people or steal a lot of money, whatever it is, and then somebody comes along and says we got to secure this somehow. We’re still in that first phase here,” Vixie said.

To bridge the gap between English-speaking and non-English-speaking worlds, internet organizers have incorporated domain names utilizing characters covering 139 modern and historic scripts. It’s not just major scripts like the Cyrillic alphabet and Chinese characters. It’s also Runic, Buhid, Rejang and dozens of other obscure language scripts.

Scamsters have had a field day with parts of those scripts. They’ve inserted look-alike characters into internet addresses, sending users to bogus malicious, websites.