Phishing Scam Abuses Unicode Domains

By HTMLGoodies Staff

Web application developer Xudong Zheng is sounding the alarm about a new and particularly hard-to-spot kind of phishing attack. It takes advantage of a feature in Chrome, Firefox and Opera that enables the browsers to display foreign characters in domain names. So, for example, https://www.xn--80ak6aa92e.com/ is shown as https://www.аpple.com in the browser's address bar. "It may not be obvious at first glance, but 'аpple.com' uses the Cyrillic 'а' (U+0430) rather than the ASCII 'a' (U+0061)," Zheng writes. "This is known as a homograph attack."

Zheng set up a proof-of-concept site to demonstrate how phishing attackers could have used the technique to send visitors to a malicious site.

Microsoft Edge and Internet Explorer are not susceptible to the technique because they do not have support for Cyrillic languages. Apple's Safari browser is also immune.
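As an added example (not code from the article or from Zheng's proof of concept), the Python check below decodes the punycode form quoted above, works out which script each label's letters come from, and flags both mixed-script labels and labels built entirely from Cyrillic letters that look Latin. The confusable set is an illustrative subset I chose for the example; a real deployment would use the full Unicode confusables data.

```python
import unicodedata

# Illustrative subset of Cyrillic letters whose glyphs look like the Latin
# letters a, e, o, p, c, y, x, i, j, s and l. Assumption for this example:
# a production check would load the full Unicode confusables data (UTS #39).
CONFUSABLE_CYRILLIC = set(
    "\u0430\u0435\u043e\u0440\u0441\u0443\u0445\u0456\u0458\u0455\u04cf"
)


def decode_label(label: str) -> str:
    """Turn an ACE label (xn--...) into Unicode; plain labels pass through."""
    if label.lower().startswith("xn--"):
        # Punycode is the encoding step used by IDNA; the codec undoes it.
        return label[4:].encode("ascii").decode("punycode")
    return label


def label_scripts(label: str) -> set:
    """Scripts used by the letters of a label, read from Unicode character names."""
    scripts = set()
    for ch in label:
        if not ch.isalpha():
            continue  # digits and hyphens belong to no script
        if ch.isascii():
            scripts.add("LATIN")
        else:
            scripts.add(unicodedata.name(ch, "UNKNOWN").split()[0])
    return scripts


def check_hostname(hostname: str) -> list:
    """Return (label, reason) findings for labels that could be homographs."""
    findings = []
    for raw in hostname.split("."):
        label = decode_label(raw)
        scripts = label_scripts(label)
        if len(scripts) > 1:
            # e.g. a single Cyrillic letter dropped into an otherwise Latin name
            findings.append((label, "mixed-script label"))
        elif scripts == {"CYRILLIC"} and all(ch in CONFUSABLE_CYRILLIC for ch in label):
            # every letter is Cyrillic, yet the whole label renders like Latin
            findings.append((label, "whole-script confusable"))
    return findings


if __name__ == "__main__":
    for host in ("xn--80ak6aa92e.com", "www.apple.com"):
        print(host, "->", check_hostname(host))
```

Showing the punycode form (or a warning) whenever `check_hostname` returns a finding is the same kind of mitigation browsers adopted for this class of domain.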
