# Phish
## Quick
Buy old domain
Email/server account SMTP
DNS
WEB SERVER + SSL
Macros
Dropper
**Misspelling:** goggle.com Vs google.com
**Additional Period:** go.ogle.com Vs google.com
**Switching numbers for letters:** g00gle.com Vs google.com
**Phrasing:** googles.com Vs google.com
**Additional Word:** googleresults.com Vs google.com
\
**TLD Alternatives:**
A TLD (Top Level Domain) is the .com .net .co.uk .org .gov e.t.c part of a domain name, there are 100's of variants of TLD's now. A common trick for choosing a domain would be to use the same name but with a different TLD. For example, register turbosec.co.uk to impersonate turbosec.net
**IDN Homograph Attack/Script Spoofing:**
Originally domain names were made up of Latin characters a-z and 0-9, but in 1998, IDN (internationalized domain name) was implemented to support language-specific script or alphabet from other languages such as Arabic, Chinese, Cyrillic, Hebrew and more. An issue that arises from the IDN implementation is that different letters from different languages can actually appear identical. For example, Unicode character U+0430 (Cyrillic small letter a) looks identical to Unicode character U+0061 (Latin small letter a) used in English, enabling attackers to register a domain name that looks almost identical to another.
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://book.turbosec.net/phish.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.