Chrome and Firefox Phishing Attack Uses Domains Identical to Known Safe Sites https://www.wordfence.com/blog/2017/04/chrome-firefox-unicode-phishing/
1 | This variant of a phishing attack uses unicode to register domains that |
2 | look identical to real domains. These fake domains can be used in phishing |
3 | attacks to fool users into signing into a fake website, thereby handing |
4 | over their login credentials to an attacker. |
5 | |
6 | This affects the current version of Chrome browser, which is version |
7 | 57.0.2987 and the current version of Firefox, which is version 52.0.2. |
8 | This does not affect Internet Explorer or Safari browsers. |
9 | |
10 | ... |
11 | |
12 | As you can see both of these domains appear identical in the browser but |
13 | they are completely different websites. One of them was registered by us, |
14 | today. Our epic.com domain is actually the domain |
15 | https://xn--e1awd7f.com/ but it appears in Chrome and Firefox as epic.com. |