Jesse’s Story of the Day

Jesse Jones digs into homoglyph phishing scams


There’s a new phishing scheme reeling in unwitting consumers through homoglyphs. A homoglyph is one of two, or possibly more, characters that appear very similar but have different meanings. Scammers are using lookalike links to popular websites to trick people into going to fake websites.

Tim Helming from DomainTools said they can be tricky to spot.

“Thing is, you can build a domain name using those other character sets and a lot of the characters look almost identical to the regular standard ones,” Helming explained.

Scammers are using links that look like they take consumers to Apple, Facebook, Twitter, banking sites and more.  But the links are all fake.

“They can put up a page that looks like the real login page and they want to get your user name and password,” Helming said.

Once they have your information, the bad guys will move you along like nothing has happened.

“A lot of times you won’t even realize that you stopped along the way on this bad guy’s domain that took your credentials,” Helming said.  “Now they have your bank logins.”

To catch a homoglyph, you’ll need a mouse.

“When you hover the mouse over a link on a browser, most browsers will display somewhere what the actual link is that you are actually going to go to,” Helming explained.  “Typically, it’s in the lower left corner.”

Check the web address in the lower left display. If it doesn’t match, you’ve got a bad link.

Helming said homoglyphs can appear in emails and on web pages. Helming also said they can be difficult to catch on handheld devices, so be very careful clicking on links there.
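
For readers who handle links in bulk (mail filters, help desks), the same hover check can be done in code. The Python below is an added example, not part of the original story or from DomainTools; the function names and sample links are constructed, and guessing a character's script from its Unicode name is a heuristic.

```python
import unicodedata
from urllib.parse import urlsplit

def scripts_in(label):
    """Approximate each letter's script by the first word of its Unicode name."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0]
            for ch in label if ch.isalpha()}

def inspect_host(host):
    """Return (punycode form of host, list of homoglyph warnings)."""
    host = host.lower().rstrip(".")
    warnings = []
    for label in host.split("."):
        if label.startswith("xn--"):          # already-encoded IDN label
            label = label.encode("ascii").decode("idna")
        scripts = scripts_in(label)
        if len(scripts) > 1:
            warnings.append(f"mixed scripts in {label!r}: {sorted(scripts)}")
        elif scripts and scripts != {"LATIN"}:
            # Also true of legitimate non-Latin domains: review, don't auto-block.
            warnings.append(f"non-Latin label {label!r}: {sorted(scripts)}")
    return host.encode("idna").decode("ascii"), warnings

def check_link(expected_host, href):
    """The hover check in code: does the link really go to expected_host?"""
    ascii_host, warnings = inspect_host(urlsplit(href).hostname or "")
    return {"destination": ascii_host,
            "matches": ascii_host == expected_host.lower(),
            "warnings": warnings}

# Constructed sample links; \u0430 is CYRILLIC SMALL LETTER A, not Latin "a".
SAMPLES = [
    ("apple.com", "https://apple.com/login"),
    ("apple.com", "https://\u0430pple.com/login"),
    ("apple.com", "https://xn--pple-43d.com/login"),
]

if __name__ == "__main__":
    for expected, href in SAMPLES:
        print(expected, check_link(expected, href))
```

The punycode form (`xn--...`) is what the browser actually looks up, so comparing it with the expected name exposes a lookalike that the eye would miss.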
