Best Practices For Addressing IDN Homograph Attacks

Wasabi, like all other public cloud service providers (including AWS, Azure, and GCP), uses publicly registered domain names for our service URLs. Any URL, including a public cloud service URL, is susceptible to a form of typosquatting known as an IDN homograph attack. Following news coverage of the potential for IDN homograph attacks in early 2020, Wasabi has been asked for our opinion on this topic, especially as it pertains to best practices for addressing the problem.

As explained in an IDN homograph attack wiki article, part of the protection against this type of attack comes from web browsers, which can defend against the problem. The wiki article also explains how domain registrars are doing their part by preventing the registration of problematic domain names.

Wasabi is doing our part by offering strong security capabilities, including the ability to protect access to the Wasabi Management Console via multi-factor authentication and enterprise single sign-on (SSO) methods. Customers that use these Wasabi security features help protect themselves against IDN homograph attacks because a 'fake' domain that looked like a Wasabi-associated site would not be able to successfully complete the multi-factor authentication and/or enterprise SSO authentication process.

As is the case with many security threats, it is always best practice to educate your organization about this and other forms of typosquatting. Organizations may also consider the use of web filtering that is designed to catch this form of fake domain.
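As an added illustration (not Wasabi's code; the allow-list and the confusable table below are constructed for the example), this is the kind of mixed-script and look-alike check a browser or web filter can apply to a hostname before treating it as a known service domain:

```python
import unicodedata

# Constructed allow-list of an organisation's own service domains (hypothetical;
# the article does not name a specific domain).
TRUSTED_DOMAINS = {"wasabi.example", "console.wasabi.example"}

# Constructed subset of Latin look-alikes. A production filter would use the
# full Unicode confusables table (UTS #39) instead of this hand-picked list.
CONFUSABLES = {
    "\u0430": "a",  # CYRILLIC SMALL LETTER A
    "\u0435": "e",  # CYRILLIC SMALL LETTER IE
    "\u043e": "o",  # CYRILLIC SMALL LETTER O
    "\u0440": "p",  # CYRILLIC SMALL LETTER ER
    "\u0441": "c",  # CYRILLIC SMALL LETTER ES
    "\u0455": "s",  # CYRILLIC SMALL LETTER DZE
    "\u0456": "i",  # CYRILLIC SMALL LETTER BYELORUSSIAN-UKRAINIAN I
    "\u03bf": "o",  # GREEK SMALL LETTER OMICRON
    "\u0131": "i",  # LATIN SMALL LETTER DOTLESS I
}


def decode_host(host):
    """Turn a punycode (xn--) hostname into its Unicode form; plain ASCII passes through."""
    return host.encode("ascii").decode("idna") if host.isascii() else host


def scripts_in(label):
    """Scripts of the letters in one DNS label, taken from the Unicode character names."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0] for ch in label if ch.isalpha()}


def skeleton(host):
    """Replace confusable characters by their Latin look-alike so visual twins compare equal."""
    return "".join(CONFUSABLES.get(ch, ch) for ch in unicodedata.normalize("NFKC", host)).lower()


def check_host(host):
    """Return (verdict, reason) where verdict is 'trusted', 'suspicious' or 'ok'."""
    uni = decode_host(host)
    if uni in TRUSTED_DOMAINS:
        return "trusted", "exact match against the allow-list"
    for label in uni.split("."):
        found = scripts_in(label)
        if len(found) > 1:  # e.g. Latin letters mixed with Cyrillic in one label
            return "suspicious", f"label {label!r} mixes scripts {sorted(found)}"
    if skeleton(uni) in TRUSTED_DOMAINS:  # single script, but looks like a trusted name
        return "suspicious", f"{uni!r} is visually confusable with a trusted domain"
    return "ok", "no homograph indicators found"
```

The skeleton comparison catches single-script look-alikes (such as a dotless i) that the mixed-script rule alone would miss.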
