In only the first quarter of 2024, almost 1 million unique phishing sites were active. Phishing is the most common way for hackers to launch account takeover attacks.
Homograph attacks, also known as homoglyph attacks, are one such example. A homograph is a character that looks similar to another, such as:
- Uppercase “I” and a lowercase “L” (l)
- The Latin letter “a” and the Cyrillic “α”
- Zero (0) and an uppercase “O”
When a hacker uses homographs to spoof a legitimate domain name, the fake URL looks convincingly real. For example, a hacker could spoof Facebook.com with Fαcebook.com — and without knowing what to look out for, you could find yourself clicking on a spam link or sending personal information to bad actors.
As of 2024, 79% of account takeover attacks started with a successful phishing scam. These tips will help you recognize the warning signs and stay safe from homograph phishing attacks.
1. Regularly Update Your Software
Newer versions of common software programs now come with security patches and built-in detection tools to help you identify, detect and eliminate threats like homograph phishing attacks and malware.
Some important programs to keep updated include:
- Your browsers
- All work and personal applications
- Your device’s operating system
Failure to update your software can cause you to miss key indicators of an attack, increasing your risk of falling victim.
2. Implement Additional Security Measures
Implementing security tools beyond the standard username and password combination can help you prevent hackers from gaining unauthorized access to your system.
Multifactor authentication (MFA) is one example. When properly implemented, MFA adds a new layer of security that makes it harder for attackers to successfully enter your system.
Users will be required to enter two or more authentication factors when creating an account in the system. The first factor is usually a username and password combination, but the other could include:
- Actions: You may need to take action to confirm your identity, such as responding to a push notification on your phone or clicking a one-time link sent to your email.
- Security questions: One of the most common authentication factors is an answer to a question only you would know, such as your father’s middle name or your first elementary school.
- Physical keys: You might need to present a smart card or ID to verify your identity, such as the Common Access Card (CAC) for Department of Defense (DoD) employees.
- Biometrics: An emerging type of authentication, biometric technologies automatically identify users based on physical or behavioral characteristics that are unique to them. For example, Apple’s Face ID system captures specific elements of a user’s face to confirm their identity and allow them access to the device.
3. Treat All Links With Caution
If an unfamiliar account sends you an email or direct message containing a link, be cautious when opening it. Hovering over the link with your cursor should show you the full URL, which can help you determine whether it’s safe to click.
Look for the following indicators of a spoofed domain:
- The URL begins with “xn-”: This prefix indicates the use of Punycode, which is an encoding method that supports international domain names with non-Roman characters.
- Characters look abnormal: If you notice that one or more of the characters in the URL don’t look like they normally do, they may be homographs.
- You don’t recognize the source: Homograph attacks typically come in unsolicited messages, which should be a red flag for any email.
Still unsure? Manually type the URL into your browser. If any symbols have been replaced with a foreign script in the link you received, typing the whole URL out with your keyboard should take you to the legitimate version of the site.
You can also bookmark frequently visited sites in your browser to ensure you always have the correct domain at hand in case you receive a link to a suspicious page on the site.
4. Invest in Security Awareness Training
Technological advancements like generative artificial intelligence (AI) have given cybercriminals the tools they need to create phishing messages even more convincing than the classic Nigerian prince scam. Security awareness training (SAT) can help your team identify any type of phishing message and respond to it accordingly.
Common signs of phishing attacks include:
- A sense of urgency: The message often pressures the recipient to click a link, submit a payment or enter sensitive information. Look out for threats and exaggerated demands.
- Grammar and spelling mistakes: Significant grammar errors and misspellings are a clear indicator of malicious activity. That said, the recent rise of generative AI has enabled scammers to create more convincing emails with less effort.
- Abnormal requests: Phishing emails often ask the recipient to perform an action that is out of the norm for the sender they are trying to imitate. For example, you might see a request from the IT department that asks you to install a software program, even though this kind of action usually follows a different workflow.
- Unfamiliar greetings: Look out for abnormal language and tone in the message, such as an employee acting overly familiar or a family member writing with a strangely distant tone. If the message seems strange for the sender, it should raise red flags.
- Inconsistent details: Discrepancies in sender information like domain names, links and email addresses are clear indicators that something is wrong. For example, you might find that the sender claims to be Microsoft, but the email address and link domains have nothing to do with Microsoft.
5. Use Password Management Techniques
Although it’s true that relying on passwords alone increases your risk of a cybersecurity incident, your password is your first line of defense against hackers. Adopting strong password practices such as the following can help you make it harder for attackers to break into your system:
- Make sure your passwords are free of real words and personal information.
- Avoid using the same password across multiple sites.
- Use a password manager like LastPass or Bitwarden.
Keep Your System Secure
Investing time and resources into preventive measures like security awareness training, password managers, and advanced authentication techniques can protect your devices from would-be attackers. With the right tools at your disposal, you and your people can confidently defend against cybercrime.
As the Features Editor at ReHack, Zac Amos writes about cybersecurity, artificial intelligence, and other tech topics. He is a frequent contributor to Brilliance Security Magazine.
.
.
Follow Brilliance Security Magazine on Twitter and LinkedIn to ensure you receive alerts for the most up-to-date security and cybersecurity news and information.