Homographs: Using Different Languages to Steal Your Data

Many hackers rely on their ability to trick users into giving up information or control of their technology. As technology advances, hackers continue to find new and updated ways to gain access to user accounts. One scam in particular, known as homographs, has seen an increase of popularity as of late.

What are they?

Homographs are a phishing strategy that is used to disguise a hyperlink to look like a legitimate, secure website. Scammers are able to use these attacks due to the way that many browsers interpret URLs with characters from another language. An example of this can be found with Russian Cyrillic letters, many of which look similar to English letters. To account for this, browsers utilize basic translation tools so a user can still access a legitimate website using non-English characters by translating the address into a series of English letters and numbers.

How do hackers use homographs?

Hackers are able to take advantage of homographs by using letters from another language that look identical to letters of the English language. They create a URL that looks identical to the legitimate site, but once clicked it will automatically take you to a compromised site where your data can be at risk. This attack works because users won’t be able to see that the URL is not legitimate until it is too late, as once they click the link they will most likely be infected by malware.

How can I protect myself?

While many browsers have created fail-safes to combat this issue, there are still many browsers that are left unprotected. Even those that do use the fail-safes can be easily tricked, so it’s up to the user to prevent the attack. Be conscious of every link you click, and never open up a URL that you cannot verify. This means any URL in an unknown email address, or a pop-up ad that claims to be a legitimate company. The best way to avoid homograph attacks is to always manually type in the web address.

Want to know more about how to prevent cyberattacks? Contact Info Advantage at (585) 857-2644 to talk to our security and technology professionals today.