Fact check: Hackers using visually similar characters to deceive in phishing schemes – USA TODAY


Online attackers bent on stealing personal information are using a visual deception to trick people into visiting malicious websites, a post circulating on social media claims.

The April 20 Facebook post shows two web addresses that, at first glance, appear identical. A closer look, though, shows that one character, in this case the letter "a," is slightly different in each one.

"An average internet user can easily fall for this," the post reads. "Be careful for every mail requiring you to click on a link."

The post has been shared hundreds of times on Facebook.

The claim appears to be true. Credible sources dating back to the early 2000s give a similar warning against this kind of spoof of the website a user intends to visit. But similar exploitations have emerged recently as well.

The user who shared the post could not be reached for comment.

The attack is a form of spoofing, when someone poses as a legitimate institution in an attempt to obtain personal information.

"Most people by now have gotten a little bit suspicious. ... The idea is how can they trick you into thinking you know who it is or what it is when it isn't," said Stuart Madnick, founding director of Cybersecurity at MIT Sloan.

In this instance, it exploits the visual similarities between characters in the Roman alphabet used in the English language and the Cyrillic alphabet, which Britannica.com said was developed for Slavic-speaking people and is used in more than 50 languages, including Russian.

Substituting Cyrillic characters for Roman letters that look similar, such as the lowercase a, hackers can direct a user who intended to visit one website to another. Madnick said there are other ways to deceive without changing the alphabet, such as replacing a lowercase "L" with a capital "I" in some fonts.

"Instead of going to a legitimate site, you may be directed to a malicious site, which could look identical to the real one," notes a 2008 security notice from the U.S. Cybersecurity & Infrastructure Security Agency. "If you submit personal or financial information while on the malicious site, the attacker could collect the information and then use and/or sell it."


The scheme is possible because of internationalized domain names and how web browsers read them, according to the agency's notice, which was updated in 2019.
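To make the mechanism concrete, here is an added example (not from the article or from CISA) of the kind of defensive check a mail gateway or browser extension can run on a hostname: it converts each non-ASCII label to the "xn--" Punycode form that browsers actually send to DNS, derives the script of every letter from its Unicode character name, and collapses a small, constructed table of Cyrillic lookalikes onto their Latin twins so a spoofed name lands on the real one. The lookalike table, the function names and the sample domains are assumptions made for illustration.

```python
import unicodedata

# Constructed lookalike table: Cyrillic letters whose glyphs resemble Latin
# letters in common fonts. This is an illustrative subset, not a complete list.
CYRILLIC_LOOKALIKES = {
    "\u0430": "a",  # CYRILLIC SMALL LETTER A
    "\u0435": "e",  # CYRILLIC SMALL LETTER IE
    "\u043e": "o",  # CYRILLIC SMALL LETTER O
    "\u0440": "p",  # CYRILLIC SMALL LETTER ER
    "\u0441": "c",  # CYRILLIC SMALL LETTER ES
    "\u0443": "y",  # CYRILLIC SMALL LETTER U
    "\u0445": "x",  # CYRILLIC SMALL LETTER HA
}


def script_of(ch):
    """Return the script name of a letter (LATIN, CYRILLIC, GREEK, ...) taken
    from the first word of its Unicode name; None for digits, dots, hyphens."""
    if not ch.isalpha():
        return None
    name = unicodedata.name(ch, "")
    return name.split(" ", 1)[0] if name else "UNKNOWN"


def to_ascii(domain):
    """Encode each non-ASCII label as an xn-- A-label, the form a browser
    resolves over DNS. ASCII labels pass through unchanged."""
    labels = []
    for label in domain.lower().split("."):
        if label.isascii():
            labels.append(label)
        else:
            labels.append("xn--" + label.encode("punycode").decode("ascii"))
    return ".".join(labels)


def skeleton(domain):
    """Replace known Cyrillic lookalikes with their Latin twins, so that a
    spoof such as ex<Cyrillic a>mple.com collapses onto example.com."""
    return "".join(CYRILLIC_LOOKALIKES.get(ch, ch) for ch in domain.lower())


def analyze(domain):
    """Report the A-label form, the scripts present, and whether the name
    mixes scripts or is a Cyrillic lookalike of an all-Latin name."""
    scripts = set()
    for label in domain.lower().split("."):
        scripts |= {s for s in map(script_of, label) if s}
    mixed = len(scripts) > 1
    skel = skeleton(domain)
    # A pure-Cyrillic label is legitimate; it is suspicious only when every
    # letter has a Latin twin, i.e. the skeleton becomes plain ASCII.
    lookalike_of_latin = skel.isascii() and skel != domain.lower()
    return {
        "ascii": to_ascii(domain),
        "scripts": sorted(scripts),
        "mixed_script": mixed,
        "skeleton": skel,
        "suspicious": mixed or lookalike_of_latin,
    }


if __name__ == "__main__":
    # Constructed samples: a genuine name, the same name with a Cyrillic "a",
    # and an ordinary all-Cyrillic domain that must not be flagged.
    for sample in ["example.com", "ex\u0430mple.com", "\u043f\u0440\u0438\u043c\u0435\u0440.\u0440\u0444"]:
        print(sample, analyze(sample))
```

The script-mixing check catches the Cyrillic substitution the article describes; it does not catch the same-alphabet trick Madnick mentions (a capital "I" standing in for a lowercase "l"), which needs a glyph-level confusables table rather than a script test.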

The so-called homograph attacks have been around since the early 2000s. A 2005 post on The Register, an online technology news publication, called them a new vector for phishing attacks.

But they have popped up again recently. Last year, researchers discovered domain names designed to deceive users into thinking they were going to a legitimate website, The Register reported, despite efforts to contain the problem.

"These bogus sites are designed to look real while phishing (to gather) credentials or distributing malware," according to the March 2020 post. "You think you're logging into Google.com from an email or instant-chat link, but really you're handing over your password to a crook."

CISA also warned of the potential for homograph attacks in a December 2020 alert about cyber attacks designed to disrupt remote learning as children attended virtual classrooms during the COVID-19 pandemic.


Spoofed hyperlinks and websites are a red flag for a potential attempt to steal personal information, according to CISA, part of the U.S. Department of Homeland Security. CISA recommends three steps to avoid falling victim to the scheme:

People should assume they eventually will be the target of an attack and take steps in advance to mitigate any damage, MIT's Madnick said. He recommended using software to protect against viruses and malware and having data backups that would make ransomware attacks less effective.


The claim that hackers use letters that look similar but come from another alphabet to deceive people in online phishing schemes is TRUE, based on our research. The deception known as a homograph attack has been going on since at least the early 2000s. Letters from the Cyrillic alphabet are substituted for those that are visually similar in the Latin alphabet to direct unknowing users to malicious websites.


Our fact check work is supported in part by a grant from Facebook.


Read or Share this story: https://www.usatoday.com/story/news/factcheck/2021/04/30/fact-check-hackers-use-similar-looking-characters-phishing-schemes/4891437001/
