Homoglyph and Unicode Phishing Scams
Unicode Keyboard Image

Homoglyph and Unicode Phishing Scams

You may be wondering what homoglyphs and Unicodes are. Homoglyphs are letters or characters that look similar. For example, the character “e” looks similar to the character “ė”. Unicode is a unique code assigned to characters so that any platform or program can understand them. For example, the Unicode for “e” is U+0065, and the Unicode for “ė” is U+0117. Now, cybercriminals are taking advantage of homoglyphs and Unicodes in phishing emails to imitate legitimate organizations.

In a recent scam, cybercriminals send you an email that uses homoglyphs and Unicode to offer you a fake promotion. The email includes a link to log in to receive your promotion. For example, to make the email look more legitimate, cybercriminals could send the email using “N□ėt□fli□ⅹ.com” as the sender. The □ symbol indicates a Unicode character that is not supported in your internet browser, but your browser will automatically omit these unsupported characters when displaying text. In this example, the sender’s email address would display as “Nėtfliⅹ.com”. If you don’t notice the spoofed domain and enter your login credentials, cybercriminals can access your account and steal your sensitive information.

Follow the tips below to stay safe from homoglyph and Unicode scams:

  • Even if the sender’s email address appears to be from a trusted domain, the email could be fake. This technique can be used to impersonate any organization, brand, or even a person.
  • When you receive an email, stop and look for red flags. For example, watch out for text with odd spacing or characters that look strange.

Never click a link in an email that you aren’t expecting. If the email claims that you need to log in to your account, log in to the organization’s website directly to verify any offers or promotions.


Knowbe4 Logo

Stop, Look, and Think. Don’t be fooled.

Protect your network! Learn more about security awareness training for your team.

Like this article?

Share on Facebook
Share on Twitter
Share on Linkdin
Share on Pinterest

More Posts

Zero Trust Image 2
Cybersecurity

Understanding the Basics of Zero Trust

Why It’s Essential for Modern Cybersecurity In today’s digitally-driven world, the traditional perimeter-based security model is no longer sufficient. With the rise of remote work,

Cloud Security Services Image
Cybersecurity

The Five Biggest Cloud Security Threats

(And how to deal with them) Cloud computing has transformed business operations by enabling remote storage of data and applications, boosting agility and efficiency. However,

5 Signs Social Engineering
Cybersecurity

5 Signs of Social Engineering

Legitimate emails can exhibit these traits, but messages with three or more of them are at a higher risk of being part of a social

Digital Toad Image
Cybersecurity

TOAD Attack

What is a TOAD Attack? A TOAD attack, which stands for Telephone-Oriented Attack Delivery, is a relatively new type of phishing attack that combines voice

SuperPod with WiFi 6E

Plume SuperPod WiFi 6E Specs

SuperPod with WiFi 6

Plume SuperPod WiFi 6 Specs

SuperPod

Plume SuperPod Secs