“If you submit personal or financial information while on the malicious site, the attacker could collect the information and then use and/or sell it."įact check: Coronavirus vaccines don’t cause death, won’t decimate world’s population Cybersecurity & Infrastructure Security Agency. “Instead of going to a legitimate site, you may be directed to a malicious site, which could look identical to the real one,” notes a 2008 security notice from the U.S. Madnick said there are other ways to deceive without changing the alphabet, such as replacing a lowercase "L" with a capital "I" in some fonts. Substituting Cyrillic characters for Roman letters that look similar, such as the lowercase “a,” hackers can direct a user who intended to visit one website to another. The attack is a form of “spoofing,” when someone poses as a legitimate institution in an attempt to obtain personal information. The user who shared the post could not be reached for comment. But similar exploitations have emerged recently as well. Credible sources dating back to the early 2000s give a similar warning against this kind of “spoof” of the website a user intends to visit. The post has been shared hundreds of times on Facebook. “Be careful for every mail requiring you to click on a link.” “An average internet user can easily fall for this,” the post reads.
A closer look, though, shows that one character – in this case, the letter “a” – is slightly different in each one. The April 20 Facebook post shows two web addresses that, at first glance, appear identical. Online attackers bent on stealing personal information are using a visual deception to trick people into visiting malicious websites, a post circulating on social media claims. The claim: Hackers use visually similar characters to deceive people in online phishing schemes