Skip to content
de
Von Jens Reichardt am 15.08.2024 IT Security

Homoglyphic attacks - The dangerous game with characters

Homoglyphic (also known as homographic) attacks are a sophisticated form of cyberattack in which attackers use similar characters from different writing systems to create deceptively real phishing websites or fraudulent emails. This type of attack is becoming increasingly important as it is difficult to detect and poses significant security risks.

Translated with DeepL.com (free version)

Definition and explanation

This type of attack refers to the misuse of characters that look the same or almost the same in different fonts, but have different encodings or meanings. In URLs or email addresses, a homoglyphic attack can result in a user being taken to a fake website that looks deceptively similar to the real site.

Techniques of homoglyphic attacks:

  • Visual deception: Use of visually identical characters, e.g. “1” “l” (lower case L) and “I” (upper case i) or “rn” and “m”.
  • International characters: Use of characters from non-Latin scripts (e.g. Cyrillic, Greek) that look similar to Latin letters, e.g. the Greek ο (omicron) and the Latin o.
  • Unicode manipulation: Use of characters from the Unicode character set that change the display, e.g. by using the right-to-left override (RLO), which ensures that the letters after it are output in “reverse” order (i.e. from right to left).

Translated with DeepL.com (free version)

Examples and case studies

Example 1: Fake domain names

Imagine you receive an e-mail that purports to come from “paypal.com”. However, it is actually “рaypal.com” (where the “р” is a Cyrillic character). The user does not notice the difference and enters their sensitive data on the fake website.

Example 2: Email manipulation

An employee receives an email from a supposed business partner with the address “ceo@firma.com”, which is actually “ceо@firma.com” (with a Greek “о”). He opens the attachment and unknowingly triggers malware.

Impact and risks

Homoglyphic attacks can have far-reaching consequences, especially for companies that rely on their online presence. Phishing attacks, identity theft and financial losses are just some of the potential risks. As such attacks are often difficult to detect, they can cause great damage before they are discovered.
For users, the main risks are identity theft, compromise of accounts (e.g. email, bank) or loss of sensitive data, which could lead to subsequent blackmail attempts.
For companies, the risks are even more serious:

  • Companies whose brands or domains are misused for such attacks can suffer significant reputation losses. The trust of customers after an attack becomes known can be impaired in the long term and thus have a significant negative impact on business.
  • Financial losses: Companies usually have to bear the costs of fixing the security vulnerabilities and dealing with the consequences themselves.
  • Legal consequences: Companies can face legal problems if they do not take sufficient measures to protect their customers from such attacks. This can lead to fines and civil proceedings, especially in the context of data protection laws.
    These attacks are particularly dangerous in sectors such as finance, e-commerce and public administration, where sensitive data needs to be protected.

Protective measures

Fortunately, there are various ways to protect yourself against homoglyphic attacks:

We discussed how hybrid working models can be secured with the experts from Jamf.
Click here for the results from the live talk “Hybrid Work needs Zero Trust”.

Conclusion

Homoglyphic attacks are an underestimated but effective method of deceiving users and stealing data. They use the visual similarity of characters to mislead people. As they are often difficult to recognize, it is all the more important to remain vigilant and take protective measures. Companies should act proactively to protect their customers and employees

Jens Reichardt

Business Development Executive

Jens is an expert in the field of device management and Modern Workplace. Whether it’s iOS, Android, Windows or macOS, you are in the best hands with Jens if you have any questions.

Jens Reichardt