Break dns to end scam emails

The internet domain name system allows for almost unlimited naming convention, with the exception of the top level (which will soon be anything anybody wants).

Scammers exploit this by sending emails with the following server names:

http://www.mybank.alliance-leicester.co.uk.iksadd.org.im/

On the surface you get the Alliance and Leicester name so if you are not savy you think your at your bank.  No 99% of legitimate use will not have more than the 3 parts:

www ==> server name
alliance-leicester ==> domain
co.uk ==> Top level domain

The scammers here have 4 sub-domains ( mybank.alliance-leicester.co.uk. ) added to help them pull off their fraud.  Surely browsers and email clients could warn when we have even 1 sub-domain?

Popular posts from this blog

Windows Server and the Task Scheduler Error Code 0x3

The living wage failure

IDE's and speed