Hackers’ new way to phish you

As more people get wiser at detecting phishing attempts by looking at the web address bar, hackers have found a new way to fool people.

The best way to explain this new phishing trick is to use an example.

“bibox.com” is the web domain of a legitimate business. Hackers, however, reserved a different web domain: “bỉbox.com”. Do you notice the difference between “bibox.com” and “bỉbox.com”?

The visual difference is very subtle. In the second web domain, the second letter is NOT the letter “i”. It is actually a Vietnamese character. On small screens, it is extremely easy to miss the difference. So, basically, hackers are exploiting the fact that some foreign-language characters look extremely similar to letters of the standard Roman alphabet.

So, how do you protect yourself?

At the time of writing, only Firefox will display the hacker’s web domain as “bỉbox.com” in the web address bar. Chrome, Safari and Edge, however, will not render the foreign-language characters. They will display the web domain as “xn--bbox-vw5a[.]com” (technically called the “punycode” display).

To force Firefox to always display the punycode form of a web address (instead of the foreign-language display), you need to do this in Firefox:

  • Type “about:config” (without the quotes) into the Firefox web address bar
  • In the “search:” box, type “punycode” (without the quotes), and you should see one or two options like this:
  • Double-click on “network.IDN_show_punycode” to ensure that it is set to “true”.
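
The same punycode conversion can be applied in bulk to links, for example ones pulled from mail or proxy logs. The following Python sketch is an added example, not part of the original article: it shows the “xn--” form of a hostname, names each non-ASCII character, and reports when the name with its accents stripped matches a domain on a watch list. The `WATCHED` set, the function names and the sample URLs are assumptions made for illustration.

```python
import unicodedata
from urllib.parse import urlsplit

WATCHED = {"bibox.com"}  # legitimate domain from the article; add your own

def to_unicode(host: str) -> str:
    """Decode "xn--" labels so both display forms are analysed the same way."""
    try:
        return host.encode("ascii").decode("idna")
    except UnicodeError:  # already Unicode, or not valid punycode
        return host

def strip_marks(host: str) -> str:
    """Decompose accented letters and drop the combining marks.
    Catches accented-Latin lookalikes only; lookalikes from other scripts
    (e.g. Cyrillic) need the Unicode UTS #39 confusables data instead."""
    decomposed = unicodedata.normalize("NFKD", host)
    return "".join(c for c in decomposed if not unicodedata.combining(c))

def inspect_url(url: str) -> dict:
    host = to_unicode((urlsplit(url).hostname or "").lower())
    odd = [c for c in host if ord(c) > 127]
    skeleton = strip_marks(host)
    try:
        puny = host.encode("idna").decode("ascii")  # what Chrome/Safari/Edge show
    except UnicodeError:  # label that cannot be IDNA-encoded
        puny = None
    return {
        "host": host,
        "punycode": puny,
        "non_ascii": [f"U+{ord(c):04X} {unicodedata.name(c, '?')}" for c in odd],
        "imitates": skeleton if odd and skeleton in WATCHED else None,
    }

# Constructed sample URLs built from the two domains discussed in the article.
SAMPLES = [
    "https://bibox.com/login",
    "https://b\u1ec9box.com/login",      # second letter is U+1EC9, not "i"
    "https://xn--bbox-vw5a.com/login",   # same domain, punycode form
]

if __name__ == "__main__":
    for url in SAMPLES:
        r = inspect_url(url)
        verdict = f"LOOKALIKE of {r['imitates']}" if r["imitates"] else "ok"
        print(f"{r['punycode']:<20} {verdict:<24} {r['non_ascii']}")
```

Both the Unicode and the punycode spelling of the lookalike domain produce the same report, so the check works regardless of which form a log source recorded.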
