Cyber-criminals are abusing multilingual character sets to trick people into visiting phishing websites. BBC: The non-English characters allow scammers to create “lookalike” sites with domain names almost indistinguishable from legitimate ones. Farsight Security found scam sites posing as banks, loan advisers and children’s brands Lego and Haribo.
Smartphone users are at greater risk as small screens make lookalikes even harder to spot. The Farsight Security report looked at more than 100 million domain names that use non-English character sets — introduced to make the net more familiar and usable for non-English speaking nations — and found about 27% of them had been created by scammers. It also uncovered more than 8,000 separate characters that could be abused to confuse people. Farsight founder Paul Vixie, who wrote much of the software underpinning the net’s domain names told the BBC: “Any lower case letter can be represented by as many as 40 different variations.”
Read more of this story at Slashdot.