What is Punycode Phishing Attacks?
It's a intentionally malformed url to "appears to" a well known url, using special characters that looks like "normal" one but aren't the same.
For example:
https://www.apple.com/
https://www.аррӏе.com/
The second one points to a different domain that it isn't under control of apple, so if we use our user&password to try login we are revealing it to the attacker.
Imagine the same situation with the url of your bank.
For example:
https://www.apple.com/
https://www.аррӏе.com/
The second one points to a different domain that it isn't under control of apple, so if we use our user&password to try login we are revealing it to the attacker.
Imagine the same situation with the url of your bank.
The solution
Use Punycode Alert a Chrome Extension that shows a Warning when you visit a malformed urlChrome will release a new version of his browser this month
0 comentarios:
Publicar un comentario