How to Spot Fake URLs with Cyrillic Letters


You are in a hurry to get someplace when all of a sudden you receive an email, SMS, or chat message urging you to click a URL. The URL can appear to be an official one from your bank, yet what you see might not be real, and the difference is hard enough to spot that it is a genuine concern. To disguise the actual website as your bank's, the similar-looking URL can contain characters from the Cyrillic alphabet (a script used by Russian and Slavic nations).

A method known as homograph spoofing may be used to produce fake URLs using Cyrillic characters. Homograph spoofing means using characters from other scripts, such as Cyrillic, that visually mimic characters from the Latin alphabet. This method is employed to construct URLs that resemble trustworthy websites but point to other locations. It's crucial to remember that these techniques are frequently linked to phishing scams and other unwanted behavior.

To build bogus URLs, hackers have also used look-alike letters from Armenian, Hebrew, Chinese, and Greek. However, Cyrillic is the script most favoured by scammers and hackers because of its 11 lower-case characters that are identical to, or extremely close to, Latin letters and digits.
 
Security researcher Xudong Zheng successfully executed a homograph spoofing demonstration in 2017. He acquired a foreign-character domain to mimic apple.com. Even the domain's security certificate was obtained by him. 

Because many Unicode characters are hard to tell apart from ordinary American Standard Code for Information Interchange (ASCII) characters, Unicode domains can create security problems. Domains like "xn--pple-43d.com", which is displayed as "apple.com", are registrable. The displayed name uses the Cyrillic "a" (U+0430) instead of the ASCII "a" (U+0061), which may not be immediately apparent.

Another bogus URL utilizing Cyrillic characters is shown here:

Valid website: openai.com

Fake URL: openai.com (The concealed URL, xn--n-8sbn9ak9k.com, is displayed as openai.com; the "xn--" form is its representation in ASCII, the most widely used character encoding for text data.)
 
The Latin letters "p" and "a" are swapped out for the Cyrillic letters "o" and "i," respectively, to create a false URL that looks like the original.
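The two look-alike domains quoted above can be checked programmatically. The following Python sketch is an added example, not part of the original post: it decodes the "xn--" (Punycode) form of each label, lists the scripts it contains, and reports the ASCII name it imitates. The look-alike table is a constructed subset, and the function names are illustrative.

```python
import unicodedata

# Constructed subset of Cyrillic letters that resemble Latin ones
# (illustrative only, not a complete confusables table).
LOOKALIKES = {"\u0430": "a", "\u0441": "c", "\u0435": "e", "\u043e": "o",
              "\u0440": "p", "\u0445": "x", "\u0443": "y", "\u0456": "i",
              "\u0458": "j", "\u0455": "s", "\u04bb": "h"}

def to_unicode(label):
    """Decode one DNS label; an 'xn--' prefix marks a Punycode-encoded label."""
    if label.lower().startswith("xn--"):
        try:
            return label[4:].encode("ascii").decode("punycode")
        except (UnicodeError, ValueError):
            return label  # malformed Punycode: keep the label as typed
    return label

def script_of(ch):
    """Heuristic: first word of the Unicode character name (LATIN, CYRILLIC, ...)."""
    return unicodedata.name(ch, "UNKNOWN").split()[0]

def check_host(host):
    """Return one finding per label for a hostname in ASCII or Unicode form."""
    findings = []
    for raw in host.rstrip(".").split("."):
        text = to_unicode(raw)
        scripts = sorted({script_of(c) for c in text if c.isalpha()})
        non_ascii = [f"U+{ord(c):04X}" for c in text if ord(c) > 127]
        skeleton = "".join(LOOKALIKES.get(c, c) for c in text)
        findings.append({
            "label": raw, "unicode": text, "scripts": scripts,
            "non_ascii": non_ascii,
            "mixed_script": len(scripts) > 1,
            # A non-ASCII label that reduces to plain ASCII imitates that name.
            "imitates": skeleton if non_ascii and skeleton.isascii() else None,
        })
    return findings

def is_suspicious(host):
    return any(f["mixed_script"] or f["imitates"] for f in check_host(host))

if __name__ == "__main__":
    # The two xn-- names are the ones quoted in the article.
    for h in ["apple.com", "xn--pple-43d.com", "xn--n-8sbn9ak9k.com"]:
        first = check_host(h)[0]
        print(h, is_suspicious(h), first["scripts"], first["non_ascii"])
```

A label that mixes scripts, or that reduces to a plain ASCII name through the look-alike table, deserves a manual check before the link is trusted.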
 
Prior to 1998, domain names could only be typed in Latin letters without any accent marks. Since then, additional characters, including Cyrillic, Chinese, and Arabic, have been permitted in domain names. As a result, fraudsters now have a new channel through which to conduct attacks via homograph spoofing.
 
Additionally, because Unicode supports a wide range of writing systems, distinct codes are allocated to characters with a similar appearance, such as the letter "O" in Latin (U+004F) and Cyrillic (U+041E). As a result, security threats are possible.  
 
While the majority of web browsers are developing methods to prevent homograph spoofing, hackers are working hard to create and register additional domains that resemble current, legitimate web addresses. If your browser does not detect homograph spoofing, see whether any plugins are available that do.
 
This brings up the most important issue: how can one be safeguarded against homograph spoofing?
 
The following are some options for action:

1. Keep an eye on the URL: Before clicking on a link or submitting any sensitive information, pay close attention to the website's URL. Search for typos, additional characters, or strange letter combinations.
 
2. Hover over links: Move the mouse pointer over a link to reveal its destination URL. The destination URL will often show up in the status bar or a tooltip of the web browser. Check that the displayed URL corresponds to the website you intend to visit.
 
3. Manually enter URLs: Instead of depending on links, enter the URL of the website you wish to visit directly into the address bar of your browser. As a result, there is less chance of clicking on a dangerous or fake link.
 
4. Activate browser security features: Many contemporary web browsers come equipped with security tools that help identify potentially harmful websites and alert users to them. Enable features like anti-phishing and secure browsing, and keep your browser updated.
 
5. Use security software: Make use of a trustworthy antivirus or internet security program that can assist in identifying and preventing access to harmful websites. These products frequently come with built-in security measures to guard against phishing attempts.
 
6. Stay informed: Keep up with the most recent phishing tricks and typical con games. Avoid clicking on links in emails, texts, or pop-ups that request personal information from you.
 
 
By taking these safeguards, you can dramatically lower your risk of falling for phony URLs and shield yourself from potential phishing attacks and other dangerous actions.
 

How Can I Report Online Fraud?


Please contact the National Cyber Crime Reporting Portal at http://cybercrime.gov.in or the toll-free National Helpline at 1930 to report cyber crimes. Twitter (@Cyberdost), Facebook (CyberDostI4C), Instagram (cyberdostl4C), and Telegram (cyberdosti4C) are the social media accounts to follow. 

If the fraud involves your bank account, you must send an email right away to the branch's official email address (which may be found on the bank's website or in your passbook), with a copy to the bank's customer service. Even if you contacted the designated customer service line, you must still write an email outlining your conversation with the bank executive, along with the time, date, and length of the call. If you have a liability issue with the bank, this will be useful.
