Cyren Security Blog

The Cyren Security Blog is where Cyren engineers and thought leaders provide insights, research and analysis on a range of current cybersecurity topics.

Infosec Island: When Is Apple.com Not Apple.com?

To get up to speed on the latest technique phishing site operators use to present legitimate-looking but fake web sites, check out Cyren security researcher Magni Sigurdsson’s column in Infosec Island. It details how cybercriminals are exploiting a browser capability for representing non-Latin characters to make users think they really are at apple.com, or at other trusted brands’ sites, and then snagging their login credentials.

As Magni explains in the article, the vulnerability is attributable to something called Punycode and affects the Google Chrome, Mozilla Firefox and Opera web browsers. Without carefully inspecting the site’s URL or checking the SSL certificate, it can be very hard to tell that such a page is not the real thing.

By using, for example, the Cyrillic “a”, the attacker can make the address bar appear to show paypal.com, even though the real paypal.com is spelled only with characters from the Roman alphabet. Enjoy Magni’s analysis!

Example: “paypḁl.com”, which has already been blocked by Google.
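One way a defender could flag such names in URL or proxy logs, shown as an added example that is not from Magni’s column or from Cyren’s products: decode any Punycode labels, fold lookalike characters to Latin, and compare the result with a watch list. The `CONFUSABLES` map and the `PROTECTED` list are constructed assumptions, and the check goes slightly beyond the Cyrillic “a” case by also stripping combining marks such as the ring below in the example above.

```python
import unicodedata

# Constructed, deliberately small Cyrillic-to-Latin lookalike map (assumption);
# Unicode's confusables.txt (UTS #39) is the complete source.
CONFUSABLES = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c",
    "\u0443": "y", "\u0445": "x", "\u0456": "i", "\u0455": "s", "\u04cf": "l",
}
# Hypothetical watch list of domains the organisation wants to protect.
PROTECTED = {"apple.com", "paypal.com"}


def to_ascii(host):
    """Encode non-ASCII labels as xn-- Punycode (used here to build samples)."""
    return ".".join(
        lab if lab.isascii() else "xn--" + lab.encode("punycode").decode("ascii")
        for lab in host.split("."))


def to_unicode(host):
    """Decode xn-- labels to the Unicode text a browser may display."""
    return ".".join(
        lab[4:].encode("ascii").decode("punycode")
        if lab.lower().startswith("xn--") else lab
        for lab in host.split("."))


def skeleton(text):
    """Fold lookalikes to Latin and drop combining marks (e.g. ring below)."""
    mapped = "".join(CONFUSABLES.get(ch, ch) for ch in text.lower())
    decomposed = unicodedata.normalize("NFKD", mapped)
    return "".join(ch for ch in decomposed if not unicodedata.combining(ch))


def classify(host):
    """Return (verdict, imitated_domain) for a hostname from a URL or log."""
    try:
        shown = to_unicode(host)
    except UnicodeError:
        return ("invalid-punycode", None)
    if shown.isascii():
        return ("ascii", None)
    folded = skeleton(shown)
    return ("homograph", folded) if folded in PROTECTED else ("idn", None)


if __name__ == "__main__":
    # Constructed samples: all-Cyrillic "apple", the ring-below "a", a benign IDN.
    for name in ["\u0430\u0440\u0440\u04cf\u0435.com", "payp\u1e01l.com", "m\u00fcnchen.de"]:
        wire = to_ascii(name)
        print(wire, "->", classify(wire))
```

A name classified as `idn` is only non-ASCII, not malicious; the `homograph` verdict is the one worth alerting on.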
