Homoglyph attack
by Felix Kinaro About 1 min reading time
This is whereby a website uses letters or numbers that look similar but may not be in hte same language. For instance, one may register a domain that looks like apple.com
but the letter 'a' is in Cyrillic (U+0430) while the ASCII letter 'a' is (U+0061).
Another trick would be using letters which when combined look like a genuine site, such as rnicrosoft.com
Web browsers handle text in the unicode format, where every character, regardless of the language, has a unique code. However, humans can be easily deceived since the letters appear to be the same regardless of language. Researchers have published various proofs of concept.
With this in mind, a malicious actor can register fake domains in order to trick users into supplying sensitive information. This is made trivial by the fact that they can install valid SSL certificates, hence make everything convincing to the user. Phishing emails may also be sent, encrypted with valid certificates, to trick users further.