
A recent Facebook post shows two web addresses that, at first glance, appear identical. But a closer look shows that one character – in the post’s case, the letter “a” – is slightly different in each one. Hackers exploit the visual similarity between characters of the Roman alphabet, used for English, and characters of the Cyrillic alphabet.
Equip your team to catch such trickery with Phishing Simulations by Logix.
The Cyrillic alphabet is a writing system used in over 50 languages, including Russian, Bulgarian, Macedonian, Serbian, and Ukrainian. The Cyrillic letter “ɑ” resembles the English letter “a.” Hackers use this resemblance to direct a user who intended to visit one website to another.
Cyrillic characters by themselves are not a threat. The problem arises when characters look like others, because the resemblance can be used in social engineering. Using Cyrillic characters this way is a deception technique based on homoglyphs (a homoglyph is one of two or more characters or glyphs with shapes that appear identical or very similar): an attacker abuses the similarities between character scripts to create fake domains of existing brands and trick users into clicking them.
In a homograph attack, a website’s name is written in a non-Latin script, such as Cyrillic, that resembles its English counterpart. The name is then converted to a code called Punycode, which transcodes a domain name containing Cyrillic characters into its URL address. In simpler words, attackers use Cyrillic letters that look like Latin ones to create fake domains that are hard to distinguish from the real ones.
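To make the Punycode step concrete, the following added example (not code from the original article) decodes or encodes each hostname label and reports labels that mix scripts or contain non-ASCII look-alike characters. The function names and sample hostnames are assumptions made for illustration, and the encoding uses Python's raw `punycode` codec rather than full IDNA processing.

```python
import unicodedata

def script_of(ch):
    """Approximate a character's script by the first word of its Unicode name."""
    return unicodedata.name(ch, "UNKNOWN").split(" ")[0]

def to_unicode(label):
    """Decode an 'xn--' (Punycode) label to the text a browser may display."""
    if label.lower().startswith("xn--"):
        return label[4:].encode("ascii").decode("punycode")
    return label

def to_ascii(label):
    """Encode a label to the ASCII form that is actually looked up in DNS."""
    label = label.lower()
    if label.isascii():
        return label
    return "xn--" + label.encode("punycode").decode("ascii")

def inspect_host(host):
    """Return (ascii_hostname, findings) for one hostname."""
    ascii_labels, findings = [], []
    for raw in host.rstrip(".").split("."):
        label = to_unicode(raw)
        ascii_labels.append(to_ascii(label))
        # Scripts of the letters only; digits and hyphens are script-neutral.
        scripts = sorted({script_of(c) for c in label if c.isalpha()})
        lookalikes = [f"U+{ord(c):04X} {unicodedata.name(c, '?')}"
                      for c in label if not c.isascii()]
        if len(scripts) > 1:
            findings.append(("mixed-script", raw, scripts, lookalikes))
        elif lookalikes:
            findings.append(("non-ascii", raw, scripts, lookalikes))
    return ".".join(ascii_labels), findings

# Constructed sample hostnames (not taken from the page). \u0430 is the
# Cyrillic letter that renders like Latin "a"; \u0251 is the look-alike
# glyph printed in the article text.
SAMPLES = ["example.com", "ex\u0430mple.com", "ex\u0251mple.com"]

if __name__ == "__main__":
    for host in SAMPLES:
        ascii_host, findings = inspect_host(host)
        print(f"{host!r} -> {ascii_host}")
        for kind, label, scripts, chars in findings:
            print(f"  {kind}: {label!r} scripts={scripts} chars={chars}")
```

A single-script, non-Latin label is reported as `non-ascii` for review only, since legitimate internationalized domains look the same to this check.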
Here are some of the best ways, suggested by CISA (the Cybersecurity and Infrastructure Security Agency), to detect spoofed hyperlinks and keep your personal information from being stolen.
- Don’t click on links without checking them. Enter the web address yourself in your browser’s search bar. That way, you’ll know you’re going to the right place.
- Make sure your web browser is always updated to the latest version.
- Before you click on a link, hover your mouse over it and check where it leads. You’ll see the web address pop up on your screen. If it looks strange or different from what you expected, don’t click on it.
- Use software that offers protection against malware and viruses.
- Always check the URL carefully for any suspicious characters before clicking.
- Take regular data backups.
- Use bookmarks or search engines to access trusted websites or type the URLs.
- Install security software that can detect and block phishing attempts.
The potential for confusion between Cyrillic and Latin scripts can be exploited by cybercriminals, making it crucial for users to adopt safe browsing practices. By staying informed and employing preventative measures, we can navigate the digital world safely.