(also IDN homograph attack, homograph phishing attack, homoglyph phishing attack)
Homograph attack definition
In a homograph attack, a bad actor registers a domain made of characters that look like those of a legitimate site, producing a fake URL that spoofs the real one. The goal is to fool victims into believing that a link, website, or file comes from a well-known source, so that they interact with the copycat and unknowingly hand over their information or access to their computer.
An example of a homograph attack is a bad actor setting up a malicious site that imitates a legitimate one by replacing the Latin "a" in example.com with the Cyrillic "a", which looks identical.
Of course, end users can recognize most bad sites easily. However, when a homograph attack is based on internationalized domain names (IDNs), the spoofed domain can be hard to tell apart from the legitimate domain it impersonates.
Defending against a homograph attack
- Keep your browser up to date, because most homograph attacks are carried out through the browser.
- Only give your data to websites that use HTTPS with SSL/TLS certificates issued by trusted certificate authorities (CAs).
- Do not click on links, messages, attachments, or downloads without confirming that the link is legitimate. Before doing anything, type the link into Google and see what the results tell you.
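The following added example (not part of the original glossary entry) shows how the Cyrillic "a" trick described above can be caught programmatically: it normalizes a hostname between its Unicode and xn-- (punycode) forms, flags any DNS label that mixes scripts, and swaps a small constructed table of confusable letters for their Latin twins to recover the ASCII name being imitated. The confusables table is an illustrative subset, not the full Unicode list.

```python
import unicodedata

# Constructed, illustrative subset of Cyrillic/Greek letters that render like
# Latin ones; a real deployment would use the full Unicode confusables table.
CONFUSABLES = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",  # Cyrillic a e o p
    "\u0441": "c", "\u0445": "x", "\u0443": "y", "\u0456": "i",  # Cyrillic c x y i
    "\u03bf": "o", "\u03b1": "a",                                # Greek omicron, alpha
}

def scripts_in(label):
    """Return the set of scripts used by the letters of one DNS label.
    Taken from the first word of each character's Unicode name (LATIN, CYRILLIC, ...)."""
    return {unicodedata.name(ch, "UNKNOWN").split(" ")[0] for ch in label if ch.isalpha()}

def analyze_host(host):
    """Return (unicode_host, verdict, lookalike) for a hostname in Unicode or xn-- form.

    verdict: 'ascii'      - plain ASCII name, nothing to decide
             'idn'        - non-ASCII name whose labels each use one script and
                            do not collapse to an ASCII lookalike
             'suspicious' - a label mixes scripts, or the name reads as an ASCII
                            name once confusable letters are swapped for Latin ones
             'invalid'    - not encodable under IDNA
    lookalike: the ASCII name the host resembles, or None
    """
    try:
        # Browsers resolve the xn-- form; decode it so both spellings are analyzed alike.
        uhost = host.encode("ascii").decode("idna") if host.isascii() else host
        uhost.encode("idna")  # validate that the name is IDNA-encodable at all
    except UnicodeError:
        return (host, "invalid", None)
    if uhost.isascii():
        return (uhost, "ascii", None)
    # Mixed-script check per label, the same idea browsers use for IDN display policy.
    mixed = any(len(scripts_in(label)) > 1 for label in uhost.split("."))
    # Whole-script check: does swapping confusables yield a pure-ASCII name?
    swapped = "".join(CONFUSABLES.get(ch, ch) for ch in uhost)
    lookalike = swapped if swapped.isascii() and swapped != uhost else None
    verdict = "suspicious" if mixed or lookalike else "idn"
    return (uhost, verdict, lookalike)

if __name__ == "__main__":
    for h in ["example.com", "ex\u0430mple.com", "\u0441\u0430\u0440\u0435.com", "пример.рф"]:
        print(h, "->", analyze_host(h))
```

The second sample is the page's example (Latin "a" swapped for Cyrillic "a"), the third is an all-Cyrillic label that reads as "cape", and the last is a genuine single-script IDN that should not be flagged.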