Facebook says it has made it easier for developers to spot malicious domains that are hell-bent on launching phishing attacks.
It announced on its official blog that it was extending the capabilities of its Certificate Transparency Monitoring tool to make it easier for developers to learn about new domains that were maliciously created to implement phishing attacks. This tool will alert website owners to these scams so that they can take action to protect their domain and the people who use their websites.
- Using different characters to construct a malicious domain that looks similar to a legitimate domain (aka homograph attacks):
  - faceb00k[.]com: the letter “o”s in “facebook” are replaced by the number “zero”
We are extending the capabilities of our Certificate Transparency Monitoring Tool to send alerts when certificates are issued for potential phishing domains. Every time a new certificate appears in any public Certificate Transparency Log, our tool analyzes the domains specified by the certificate for phishing attempts by taking into consideration the most common spoofing techniques — such as those described above. If it suspects that the domain is likely associated with phishing, it can notify subscribers of the tool for the legitimate domain by sending email, push, or on-site notifications, depending on their preference.
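The kind of check described above can be sketched as follows. This is an added example, not Facebook's code or part of the original post: it folds look-alike characters in each name taken from a newly logged certificate and compares the result with a monitored domain. The folding table, the function names and the sample names are assumptions constructed for illustration.

```python
import unicodedata

# Small, constructed folding table (assumption): digits and a few Cyrillic
# letters that resemble Latin ones. A production list would be much larger.
FOLD = str.maketrans({
    "0": "o", "1": "l", "3": "e", "5": "s",
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c",
})

def skeleton(label):
    """Reduce one DNS label to a canonical form for look-alike comparison."""
    label = label.lower()
    if label.startswith("xn--"):  # internationalized label: decode punycode
        try:
            label = label[4:].encode("ascii").decode("punycode")
        except UnicodeError:
            pass  # malformed punycode: compare the raw label instead
    decomposed = unicodedata.normalize("NFKD", label.lower())
    no_marks = "".join(c for c in decomposed if not unicodedata.combining(c))
    return no_marks.translate(FOLD)

def find_lookalikes(san_names, monitored):
    """Return certificate names with a label that imitates the monitored brand."""
    brand = monitored.split(".")[0]
    target = skeleton(brand)
    hits = []
    for name in san_names:
        host = name.lower().rstrip(".")
        if host.startswith("*."):
            host = host[2:]  # wildcard certificates cover the parent name
        if host == monitored or host.endswith("." + monitored):
            continue  # the owner's own domain or one of its subdomains
        if any(l != brand and skeleton(l) == target for l in host.split(".")):
            hits.append(name)
    return hits

# Constructed sample of names as they might appear in one batch of CT entries.
SAMPLE_SANS = [
    "faceb00k.com",      # digit substitution, as in the article
    "www.facebook.com",  # legitimate subdomain, must not alert
    "xn--" + "fac\u0435book".encode("punycode").decode("ascii") + ".com",  # Cyrillic "е"
    "*.example.org",     # unrelated wildcard certificate
]

if __name__ == "__main__":
    for hit in find_lookalikes(SAMPLE_SANS, "facebook.com"):
        print("possible phishing domain:", hit)
```
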