Transcript
A (0:02)
You're listening to the Cyberwire Network powered by N2K.
B (0:11)
Most environments trust far more than they should, and attackers know it. ThreatLocker solves that by enforcing default deny at the point of execution. With ThreatLocker Allowlisting, you stop unknown executables cold. With Ringfencing, you control how trusted applications behave, and with ThreatLocker DAC, Defense Against Configurations, you get real assurance that your environment is free of misconfigurations and clear visibility into whether you meet compliance standards. ThreatLocker is the simplest way to enforce zero trust principles without the operational pain. It's powerful protection that gives CISOs real visibility, real control, and real peace of mind. ThreatLocker makes zero trust attainable even for small security teams. See why thousands of organizations choose ThreatLocker to minimize alert fatigue, stop ransomware at the source, and regain control over their environments. Schedule your demo at threatlocker.com N2K today.
C (1:23)
The word is homograph phishing.
C (1:30)
Spelled homograph, as in words that are spelled the same but have different meanings, and phishing, as in a social engineering technique that tricks the user into thinking that they are interacting with a trusted entity.
C (1:50)
Definition: the use of similar-looking characters in a phishing URL to spoof a legitimate site.
C (2:02)
Example sentence: the attacker used a homograph phishing attack to fool the victim into visiting a spoofed version of a banking site.
C (2:17)
Origin and context: Unicode is an encoding standard used to display text on a computer. Unlike ASCII, which uses eight bits per character and can only represent 128 or 256 symbols, Unicode can display more than 144,000 characters. This allows Unicode to display text in many different languages. Homograph or homoglyph phishing attacks use similar-looking Unicode characters to craft deceptive phishing URLs. In most instances, these discrepancies can be spotted if the user looks closely, such as when the attacker replaces the letter o with the number zero. These simple attacks are usually referred to as typosquatting. In some cases, however, the characters can appear identical. Martin Zugec of Bitdefender explains that these homograph attacks use international domain names to insert characters from different languages into the URL. For example, the Latin letter o and the Cyrillic letter o appear the same to the human eye but have different underlying Unicode. Therefore, a URL that uses the Latin o can look exactly the same as one that uses the Cyrillic o, but each URL will lead to a different site. Zugec notes that homographic attacks based on international domain names require much more effort than typosquatting, but they're still achievable by sophisticated attackers. Zugec says IDN homograph attacks are not common. They require custom domain registration, and most browsers don't use the display name anymore, like Unicode. Instead, they will use the real name, ASCII code. While this makes it impractical for most attackers, it is a viable option for the highly motivated threat actor.
[Episode cover image: Homograph phishing (noun) [Word Notes] - Hacking Humans]