Staying Safe Online: Unmasking the Tricksters of the Internet
In today's digital world, we all need to be aware of the tricks and traps that can catch us out online. One of these tricks is called an Internationalised Domain Name (IDN) homograph attack. It's a fancy name, but it's really just a way for online tricksters to make a fake website look like a real one. Another common name for this type of attack is HTTP spoofing.
Imagine you're walking down a street and you see two shops that look exactly the same. They have the same name, the same logo, and the same products in the window. But one of them is a fake, set up by a trickster to fool people into handing over their money. This is what an IDN homograph attack does, but on the internet.
The tricksters use letters from different languages that look the same to us but are different to a computer. For example, the English letter 'a' and a similar-looking letter from the Russian alphabet might look the same to us, but to a computer, they're different. This allows the tricksters to create a website that looks like a trusted site, but is actually a trap.
The table below shows an example of how this can look for the address apple.com.
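What "different to a computer" means can be checked directly. The Python sketch below is an added example, not part of the original article: it lists the non-English characters hiding in an address, shows the plain ASCII (punycode) form that the domain name system actually uses, and flags names that mix alphabets. The function names and the name-based alphabet check are assumptions of this example, and the sample addresses are constructed.

```python
import unicodedata


def label_scripts(label):
    """Return the alphabets (scripts) used by the letters in one domain label.

    Assumption of this example: the first word of a character's Unicode
    name (LATIN, CYRILLIC, GREEK, ...) is treated as its script.
    """
    scripts = set()
    for ch in label:
        if ch.isalpha():
            scripts.add(unicodedata.name(ch, "UNKNOWN").split()[0])
    return scripts


def inspect_domain(domain):
    """Describe what a computer sees in a domain name."""
    domain = domain.lower()
    labels = domain.split(".")
    non_ascii = [(f"U+{ord(ch):04X}", unicodedata.name(ch, "UNKNOWN"))
                 for ch in domain if ord(ch) > 127]
    return {
        # The ASCII form is what is really looked up; "xn--" marks an IDN label.
        "ascii_form": domain.encode("idna").decode("ascii"),
        "non_ascii": non_ascii,
        # A label mixing alphabets (e.g. Latin plus Cyrillic) is a classic sign.
        "mixed_script_labels": [l for l in labels if len(label_scripts(l)) > 1],
        # A name written entirely in a look-alike alphabet is not "mixed",
        # so any non-ASCII character at all is worth a second look.
        "needs_review": bool(non_ascii),
    }


if __name__ == "__main__":
    # Constructed samples: the real address, and a look-alike whose first
    # letter is the Cyrillic "a" (U+0430) instead of the Latin "a".
    for sample in ("apple.com", "\u0430pple.com"):
        report = inspect_domain(sample)
        print(sample)
        for key, value in report.items():
            print(f"  {key}: {value}")
```

The two samples look identical on screen, but the second one resolves as `xn--pple-43d.com`, a completely different address.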
So, what can we do to avoid these tricks? Here are a few tips:
Learn and Share
The best way to avoid a trick is to know about it. Make sure you and your co-workers know about these tricks. Always double-check website addresses and look for signs that a website is secure, like a little padlock symbol and 'https' in the website address.
Extra Security
Use extra security measures like SSL certificates and two-factor or multi-factor authentication. These are like having a double lock on your front door - they make it harder for the tricksters to succeed.
Keep an Eye Out
Regularly check what's happening with your organisation online. There are tools that can help you spot any fake websites that are pretending to be you. Here are some examples:
Google's Safe Browsing service lets you check a URL to see if it's been reported for phishing or other unsafe content.
PhishTank is a free community site where anyone can submit, verify, track and share phishing data.
VirusTotal is a free service that analyses suspicious files and URLs to detect types of malware, including phishing and spoofing attacks.
URLVoid is a service that analyses a website through multiple blacklist engines and online reputation tools to facilitate the detection of fraudulent or malicious websites.
Tools like DigiCert's SSL Installation Diagnostics Tool can help you verify that a site's SSL certificate is valid and properly installed.
Services like Whois Lookup can provide information about who registered a domain, which can sometimes help identify fraudulent websites.
How do you make sure you are staying safe online? Do you have tips to add to our list above? Let us know on our social channels!