Breaking the (Uni)code
Noticė anything unusuaI about this sentence? Probably not, unless you are looking really closely. But, take another look at “Noticė.” What’s that little dot doing over the “e?” That’s called a homoglyph, which refers to two characters, or glyphs, that look similar but are not quite the same. We’d be really impressed if you caught this but the “L” in the word “unusual” in the first sentence isn’t actually an “L,” it’s a capital “I,” which is almost indistinguishable.
What does any of this have to do with cybersecurity? Well, online fraudsters are using homoglyphs and Unicodes, programming language assigned to letters, to scam people. One of the best ways to protect yourself from phishing attacks it to check the domain name of the sender of an email. If you receive an email claiming to be from Netflix but the address reads as unfo@nitfl!x.net, you know you have a bad actor on your hands. But, what if you got an email requesting your Apple computer logins from info@аррlе.com? Looks legitimate, doesn’t it? Well, each one of those letters in “apple” is a homoglyph, slightly different from the letters you would type on a keyboard and definitely different from the ones the real Apple would send you. The scammers are hoping that you look at the domain names as your only line of defense and if there are no obviously suspicious changes, you treat the email as real, potentially giving up your sensitive information to bad actors.
Here’s how to protect yourself: look for other red flags besides the domain name. Does the writing in the email seem unusual, unprofessional or presented oddly? Check any links to make sure they are going to sites the email claims they are from. Update your browsers regularly, as many browsers have regularly updating defenses against homoglyph and Unicode attacks.
Homoglyphs and Unicodes are just one more way scammers will try to trick you but your best defense is still your common sense. If you receive an email that seems suspicious or asks you to log into an account, treat with extreme caution.