Homoglyph and Unicode Phishing Scams
Unicode Keyboard Image

Homoglyph and Unicode Phishing Scams

You may be wondering what homoglyphs and Unicodes are. Homoglyphs are letters or characters that look similar. For example, the character “e” looks similar to the character “ė”. Unicode is a unique code assigned to characters so that any platform or program can understand them. For example, the Unicode for “e” is U+0065, and the Unicode for “ė” is U+0117. Now, cybercriminals are taking advantage of homoglyphs and Unicodes in phishing emails to imitate legitimate organizations.

In a recent scam, cybercriminals send you an email that uses homoglyphs and Unicode to offer you a fake promotion. The email includes a link to log in to receive your promotion. For example, to make the email look more legitimate, cybercriminals could send the email using “N□ėt□fli□ⅹ.com” as the sender. The □ symbol indicates a Unicode character that is not supported in your internet browser, but your browser will automatically omit these unsupported characters when displaying text. In this example, the sender’s email address would display as “Nėtfliⅹ.com”. If you don’t notice the spoofed domain and enter your login credentials, cybercriminals can access your account and steal your sensitive information.

Follow the tips below to stay safe from homoglyph and Unicode scams:

  • Even if the sender’s email address appears to be from a trusted domain, the email could be fake. This technique can be used to impersonate any organization, brand, or even a person.
  • When you receive an email, stop and look for red flags. For example, watch out for text with odd spacing or characters that look strange.

Never click a link in an email that you aren’t expecting. If the email claims that you need to log in to your account, log in to the organization’s website directly to verify any offers or promotions.


Knowbe4 Logo

Stop, Look, and Think. Don’t be fooled.

Protect your network! Learn more about security awareness training for your team.

Like this article?

Share on Facebook
Share on Twitter
Share on Linkdin
Share on Pinterest

More Posts

Cybersecurity

Beware of the “Unsolicited Package Scam”

A New QR Code Scheme Targeting Victims In the fast-paced world of online shopping, receiving packages is a common occurrence. However, scammers have found a

Hacked Emails Phishing Cyber Image
The Latest Scams

Beware of Dropbox Phishing Scams

Protect Your Microsoft Credentials Dropbox is a widely used file-sharing service that many rely on to share photos, files, and documents. Unfortunately, cybercriminals are leveraging

Hologram Airplane Image
Cybersecurity

Beware of Fake TSA PreCheck Emails

Travelers rely on TSA PreCheck to breeze through airport security. This U.S. airport screening program streamlines the security process, allowing members to avoid long lines

SuperPod with WiFi 6E

Plume SuperPod WiFi 6E Specs

SuperPod with WiFi 6

Plume SuperPod WiFi 6 Specs

SuperPod

Plume SuperPod Secs