Phishing Scam Abuses Unicode Domains

By HTMLGoodies Staff

WEBINAR: On-demand webcast

How to Boost Database Development Productivity on Linux, Docker, and Kubernetes with Microsoft SQL Server 2017 REGISTER >

Web application developer Xudong Zheng is sounding the alarm about a new and particularly hard-to-spot kind of phishing attack. It takes advantage of a feature in Chrome, Firefox and Opera that enables the browsers to use foreign characters in domain names. So, for example, https://www.xn--80ak6aa92e.com/ looks like https://www. аpple.com in the browser bar. "It may not be obvious at first glance, but 'аpple.com' uses the Cyrillic 'а' (U+0430) rather than the ASCII 'a' (U+0061)," Zheng writes. "This is known as a homograph attack."

Zheng set up a proof-of-concept site to demonstrate how phishing attackers could have used the technique to send visitors to a malicious site.

Microsoft Edge and Internet Explorer are not susceptible to the technique because they do not have support for Cyrillic languages. Apple's Safari browser is also immune.

View article



Make a Comment

Loading Comments...

  • Web Development Newsletter Signup

    Invalid email
    You have successfuly registered to our newsletter.
  •  
  •  
  •  
Thanks for your registration, follow us on our social networks to keep up-to-date