Punycode Phishing attacks - how to stay safe - Spoofed URLs and fake websites!

[God Of Thunder]

A friendly bump!

I believe this thread needs more attention from everyone, so it gets bumped. People need to read this and understand the importance of the Punycode and Homograph phishing attacks. I thought I knew many things, but I am being honest here, I never heard about it before this week when SFR10 mentioned it. He forwarded me to this thread, which everyone should read and know.
@wwzsocki, I had a fight with you in another thread but the truth is, I never wanted to engage in a fight but you got insulted by me. I am sorry for that. I hope you didn't take it with heavy heart.

[wwzsocki]

@wwzsocki, I had a fight with you in another thread but the truth is, I never wanted to engage in a fight but you got insulted by me. I am sorry for that. I hope you didn't take it with heavy heart.

I keep sitting here and look for posts in my account history to recall what was this all about but can't find anything. I hope it wasn't done on purpose, maybe language barriers, please send me link if there is any or remind (maybe in DM?) what was that all about,

I hope it wasn't my intention to insult you but if it was then one more time i am very sorry and hope that you will be able to accept my apology

A friendly bump!

I believe this thread needs more attention from everyone, so it gets bumped. People need to read this and understand the importance of the Punycode and Homograph phishing attacks. I thought I knew many things, but I am being honest here, I never heard about it before this week when SFR10 mentioned it. He forwarded me to this thread, which everyone should read and know.

I have edited/updated a bit for beter read, thanks for bumping it, also hope that more people will read about "Punycode and how to protect yourself from Homograph Phishing attacks"

Punycode and Homograph Phishing attacks are the easiest way to get scammed and many even experienced internet users are not able to recognize it, enough to type username and password on fake website

Lately this scam is even better and there are fake websites that redirect to original website after hitting login for example, so there is small chance to recognize that something gone wrong, people think "oh failed login, for sure typed wrong, fat fingers" and try one more time, which is successful, they don't expect that somebody just got access to this account.

I myself almost shared password to one of my exchanges accounts, so I am totally aware how well made fake websites are, at first look I wasn't able to recognize it, don't mention spoofed URL, of course it looked exactly same as original

The best practice to be safe is to use links only from trusted sources, direct links and bookmark them.

Password manager is also very helpful, in my case switched on the red lamp when i wasn't able to login to the fake website when I was simply clicking on username, it should fill automatically and I got nothing, couldn't login even if I wanted to because didn't knew the password, it is strong and generated by the password manager.

always use Two-Factor Authentication (2FA) if possible

[God Of Thunder]

I hope it wasn't my intention to insult you but if it was then one more time i am very sorry and hope that you will be able to accept my apology

. You didn't insult me. It was my bad buddy! If you already forgot what happened, I don't want to remind you about it anymore. But I can give you a hint that it occurred in the Sinbad Bitcoin prize prediction thread. I am genuinely sorry, and I hope you didn't take it with a heavy heart.

I have edited/updated a bit for beter read, thanks for bumping it, also hope that more people will read about "Punycode and how to protect yourself from Homograph Phishing attacks"

Thanks for updating the thread. As I said, I had never heard about it before SFR10 mentioned this. I never knew something like this existed. I bumped this one because I believe more people should read about it.

[wwzsocki]

You didn't insult me. It was my bad buddy! If you already forgot what happened, I don't want to remind you about it anymore. But I can give you a hint that it occurred in the Sinbad Bitcoin prize prediction thread. I am genuinely sorry, and I hope you didn't take it with a heavy heart.

oh thanks for explanation, I don't like personal fights and am immediately nervous to such extend that i couldn't understand what was written, don't know what to think about this, i need a chill pill i assume  

no i don't remember this at all, i am such type that usually don't involve in fights and always try to be polite.
I've never been able to hold a grudge against someone for long

[God Of Thunder]

oh thanks for explanation, don't know how I understood you wrongly, now when i read it again is obvious (written in plain English  )

Thanks for understanding. No one is above the mistakes, and I guess I was the one who unintentionally wrote something bad. I am happy to know you didn't take it too heavily, and even you forgot that already.
 

I don't like personal fights and am immediately nervous when i read about to such extend that i haven't understood you correctly,
don't know what to think about this, i need a chill pill i assume  

I also like to stay neutral all the time, but sometimes I do something that is not acceptable to others. But, I believe I can handle criticism, and I understand what mistakes I made in the past. Saying sorry for my own mistakes won't make me down. So, when it's my mistake, I would be very much happy to apologize.

[wwzsocki]

...

ok let's stop with this offtopic and bring back discussion about Homograph Phishing attacks


have you found any new fake website with spoofed name worth attention and sharing lately? known exchange or wallet maybe?

I keep thinking if I shall add links to your thread and the others I have seen when i was reading your comments about Punycode and Homograph Phishing attacks to make it easy to find for members that are interested and want to read more about this.

I think is worth to do it, if you agree with me and have any links that I can add please share, I will take a look and add the most valuable once or all of them, we will see

[God Of Thunder]

have you found any new fake website with spoofed name worth attention and sharing lately? known exchange or wallet maybe?

Unfortunately, I haven't noticed any spoofed website names yet. As you already know, I didn't even know about it. I don't know If I have visited such a link before without understanding that this is not the real website. If I find anything like this in the future, I will keep update you about it.

I keep thinking if I shall add links to your thread and the others I have seen when i was reading your comments about Punycode and Homograph Phishing attacks to make it easy to find for members that are interested and want to read more about this.

I think is worth to do it, if you agree with me and have any links that I can add please share, I will take a look and add the most valuable once or all of them, we will see

I always agree with something that may help forum people. As I said, I didn't find any website yet as I wasn't aware about it. Moreover, I do not actively search for them. The scam websites links I gathered from a random search when I was interested about a specific miner. Let me know what should I do to help everyone.

[wwzsocki]

This thread is quoted and merited frequently, looking at recent cases of Punycode Homograph Phishing Attacks decided to continue and update it

Beware of Punycode Homograph Phishing Attacks: Recent Cases and Prevention Tips

Punycode homograph phishing attacks remain a significant cybersecurity threat. These attacks manipulate Unicode characters to create fake domains that mimic legitimate ones, tricking users into visiting malicious websites or sharing sensitive data. Here's a breakdown of the latest findings:

Recent Cases

Punycode with Unicode Spoofing
Attackers used characters from other scripts to mimic Latin-based domains. For example:
xn--alixpress-d4a.com appears as aliéxpress.com but targets users of the real aliexpress.com.
These domains were linked to malware distribution and phishing scams.
Source: Akamai Blog

Complex Redirect Chains
Threat actors combined Punycode with services like Google Translate to mask malicious links. Victims were redirected to fraudulent pages that bypass browser security.
Source: Barracuda Blog

Massive Campaigns Detected
Over 6,000 suspicious homograph domains were flagged in 32 days by Akamai. Many of these were actively accessed, targeting platforms like Amazon and Google.
Source: Akamai Blog

E-commerce and Financial Sector Exploits
Domains mimicking services like ámazon.com and paypal-supp0rt.com were designed to steal user credentials and distribute malware.
Source: Akamai Blog

Prevention Tips:
Browser Vigilance: Modern browsers often display Punycode domains in their raw format (e.g., xn--domain.com) to help users identify risks.
Security Tools: DNS filtering solutions can block suspicious traffic effectively.
User Education: Always double-check URLs in emails or SMS messages, especially those requesting sensitive information.

Punycode homograph phishing is a growing concern, and staying informed is the first step in protecting yourself. Share your experiences or additional tips below!