Do you know what a homoglyph is and would you recognise one if it was used to empty your bank account? Spotting this type of modified text – a text character with shapes that are near identical or similar to another – could prevent you from being scammed in what is known as a homoglyph attack.
In this example, the ‘o’ with a dot is not a character that many native English speakers will be familiar with, but it is used in some central European languages and, for that reason, it’s supported by Unicode – the computing industry standard for the consistent encoding of text.
According to renowned security expert Graham Cluley, homoglyphs are increasingly being used by scammers to con people into revealing personal information that could be used by fraudsters. To show how easy it is, take a closer look at the WhatsApp message above. If you received it, you may well regard it as innocent enough and be tempted to apply. You might even forward it on to your family and friends, so they too could have a chance of winning. But, it is nothing more than a cunning hoax.
You’ll see there’s a dot above the ‘o’ in altontowers.com in the link. It’s almost too small to be noticed (especially if your eyesight is as bad as mine) but it’s enough to take you to a bogus website. There, you’ll be encouraged to take an online survey and, believing you’re on the genuine Alton Towers website, give away personal details that could leave you vulnerable to fraud. Adding insult to injury, you will then be instructed to forward the message on to 20 of your friends!
There are many variants of this type of attack currently doing the rounds. Another is a too-good-to-be-true offer from Asda. (The clue that all is not as it should be is in the ‘d’ of Asda – and, for people who care about these things, the misspelling of ‘thank’).
So keep your eyes peeled for any communications that don’t quite ring true and if you’d like help giving your own business messaging an authentic feel, please get in touch!