Cyren Security Blog

The Cyren Security Blog is where Cyren engineers and thought leaders provide insights, research and analysis on a range of current cybersecurity topics.

Infosec Island: When Is Apple.com Not Apple.com?

To get up to speed on the latest technique used by phishing site operators to present legitimate-but-fake (!) web sites, check out Cyren security researcher Magni Sigurdsson’s column in Infosec Island, which details how cybercriminals are exploiting a browser capability for representing non-Latin characters to make users think they really are at apple.com, or other trusted brands’ sites, and snagging their login credentials.

As Magni explains in the article, the vulnerability is attributable to something called Punycode and affects the Google Chrome, Mozilla Firefox and Opera web browsers. It can be very hard to identify pages which are not the real thing without carefully inspecting the site’s URL or checking the SSL certificate.

By using, for example, the Cyrillic “a”, the attacker is able to make the address bar appear to show the real paypal.com, which is spelled using only characters from the Roman alphabet. Enjoy Magni’s analysis!

“paypḁl.com” that has already been blocked by Google.
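
As an added example (not part of the original post or of Magni’s column), the following Python sketch shows the kind of URL inspection described above: it converts each label of a hostname to its Punycode `xn--` form and flags labels that contain non-ASCII characters or mix scripts. The function names and the name-based script heuristic are assumptions, and the sample hostnames are constructed.

```python
import unicodedata

def char_script(ch):
    """Approximate a character's script from its Unicode name (a heuristic, assumed here)."""
    return unicodedata.name(ch, "UNKNOWN").split()[0]  # e.g. LATIN, CYRILLIC, GREEK

def inspect_label(label):
    """Return (ascii_form, flags) for a single DNS label."""
    label = label.lower()
    if label.isascii():
        return label, set()
    flags = {"non-ascii"}
    # Digits and hyphens are shared by all scripts, so leave them out of the count.
    scripts = {char_script(c) for c in label if c not in "0123456789-"}
    if len(scripts) > 1:
        flags.add("mixed-script")
    # The "xn--" prefix plus the Punycode encoding is what DNS actually resolves.
    ascii_form = "xn--" + label.encode("punycode").decode("ascii")
    return ascii_form, flags

def inspect_hostname(host):
    """Return the ASCII (Punycode) form of a hostname and the sorted flags raised."""
    ascii_labels, all_flags = [], set()
    for label in host.split("."):
        ascii_form, flags = inspect_label(label)
        ascii_labels.append(ascii_form)
        all_flags |= flags
    return {"ascii": ".".join(ascii_labels), "flags": sorted(all_flags)}

# Constructed sample hostnames: plain ASCII, a Cyrillic "a" (U+0430) among
# Latin letters, and a Latin "a with ring below" (U+1E01) as in the caption above.
SAMPLES = ["apple.com", "p\u0430ypal.com", "payp\u1e01l.com"]

if __name__ == "__main__":
    for host in SAMPLES:
        result = inspect_hostname(host)
        print(f"{host!r:22} -> {result['ascii']:24} {result['flags']}")
```

A hostname made up entirely of one non-Latin script is flagged only as `non-ascii`, so the `xn--` form in the output is the value to compare against the domain you expected.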