Phishing comes in many shapes and forms and is a menace which is as old as modern internet itself. This particular piece will cover a more advanced and often dangerously overlooked type of phishing or web-attacks. Phishing involving minor typographical errors is not a new threat to the public.
While the awareness levels of the general public and internet users has increased by leaps and bounds over the years, many can easily still fall prey to devious phishers. It is after all, a common cognitive error wherein readers comprehend the entirety of the text based on a few familiar letters, despite spelling errors and other misplaced letters therein – for example, it is very easy to confuse ‘AstraZeneca’ and ‘AztraZeneca’ or ‘PFIZER’ with ‘PIFZER’.
The internet was designed around the English language. So as more and more non-English speakers have come online, considerable effort has been made to provide support for other languages. One of those efforts is Internationalized Domain Names (IDNs), which allow for domains and TLDs to be registered in other languages.Unfortunately, one of the unintended side effects of this was the advent of homograph attacks.
You can probably see where this is going. By registering a Unicode domain, you can use non-ASCII characters and criminals have figured out that you can create some extremely convincing spoofs using this method.
Here’s how it works, from the standpoint of your computer the American Standard Code for Information Interchange (ASCII) “a” (U+0061) and the Cryillic “ɑ” (U+0430) are entirely different characters, but they are displayed in exactly the same way. That means to the human eye, it’s impossible to tell the difference.
Some hackers use look-alike letters from the Greek, Cyrillic, Armenian, Latin, etc. alphabets, you can create a visually similar domain as a URL. For eg. Covaxin.com is real domain, Covɑxin.com is fake domain.The alphabet “a” used in the fake domain/website is “ɑ” from the Cyrillic alphabet
In a way, such homographic/ homoglyphic spoofing/phishing is very similar to typosquatting and it can be said that these types of web-attacks/scams are even more difficult to detect as compared to traditional typosquatting. Such skilled phishing/spoofing/web-attacks assume even greater importance in today’s world, considering the COVID-19 pandemic. Internet Users must be more aware and cautious than ever before, to not fall prey to such criminals
There is a very real threat of being targeted by web-attacks which may originate from or be based upon domain names/websites which use homographs/homoglyphs to impersonate the original website and steal confidential personal, medical or financial information. As such, it is more important than ever to carefully watch what you read, when dealing with emails/websites/domain names/SMSs, etc. Hence, the old adage Customer Beware is more relevant than ever, especially in this day and age where terms like COVID, VACCINE, etc., have assumed far more importance and visibility than ever before.