Image

You could be vulnerable to this hard to detect phishing attack

There’s a new phishing attempt going around that is almost impossible to detect. This clever exploit makes bogus URLs appear as legitimate sites in both Firefox and Chrome, and can even mimic the green lock icon of secure HTTPS sites.

Most users don’t know the difference, and even expert users can be fooled with these look-a-like URLs. The Chinese security researcher who discovered the attack, Xudong Zheng, said that “It becomes impossible to identify the site as fraudulent without carefully inspecting the site’s URL or SSL certificate.”

An example of this is the domain xn--80ak6aa92e.com (Set up by The Hacker News), which would show up in Chrome and Firefox as apple.com using this exploit.

How you can keep yourself from falling victim:

Practice secure browsing habits.

Keep your browsers up to date. When a patch is released, these companies are typically very quick to respond.
Avoid clicking any URL sent via email that require you to login or request sensitive information.
Manually type in the website address of any site where you are giving personal information.

Use a password manager.

If you don’t already use a password manager, such as LastPass, now would be a great time to start. They are great for automatically filling in passwords so you don’t have to remember them. But there’s also an added benefit! Password managers and their extensions for your browser will not automatically fill in your info for these bogus sites.

Fix the problem manually in Firefox

There is a way to fix the issue in Firefox manually until a patch is released.

  1. Type ‘about:config’ in address bar and press enter.
  2. Type ‘Punycode’ in the search bar.
  3. The option titled ‘network.IDN_show_punycode’ will appear. Right-click and choose ‘Toggle’ or double-click to change the value from false to True.

Firefox will now show the bogus URLs as their original string of characters.

Staying aware of current online security news can help you stay safe online. Follow us on Facebook to keep up with the latest updates.

Sources:
https://thehackernews.com/2017/04/unicode-Punycode-phishing-attack.html
https://www.wordfence.com/blog/2017/04/chrome-firefox-unicode-phishing/

Share this Post