Friday, March 29, 2024

Phishing Scam Abuses Unicode Domains

Web application developer Xudong Zheng is sounding the alarm about a new and particularly hard-to-spot kind of phishing attack. It takes advantage of a feature in Chrome, Firefox and Opera that enables the browsers to use foreign characters in domain names. So, for example, https://www.xn--80ak6aa92e.com/ looks like https://www. аpple.com in the browser bar. “It may not be obvious at first glance, but ‘аpple.com’ uses the Cyrillic ‘а’ (U+0430) rather than the ASCII ‘a’ (U+0061),” Zheng writes. “This is known as a homograph attack.”

Zheng set up a proof-of-concept site to demonstrate how phishing attackers could have used the technique to send visitors to a malicious site.

Microsoft Edge and Internet Explorer are not susceptible to the technique because they do not have support for Cyrillic languages. Apple’s Safari browser is also immune.

View article

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends & analysis

Popular Articles

Featured