This weird trick lets hackers hide phishing URLs

Alex Hern

from Technology | The Guardian on 2017-04-19 16:02 (#2KM13)

Some perfectly authentic looking web addresses are not what they seem and not all browsers are taking the problem seriously

Here's a challenge for you: you click on a link in your email, and find yourself at the website https://DNNOD.com. Your browser shows the green padlock icon, confirming it's a secure connection; and it says "Secure" next to it, for added reassurance. And yet, you've been phished. Do you know how?

The answer is in that URL. It may look like it reads "apple", but that's actually a bunch of Cyrillic characters: A, Er, Er, Palochka, Ie. The security certificate is real enough, but all it confirms is that you have a secure connection to DNNOD.com - which tells you nothing about whether you're connected to a legitimate site or not.

Source	RSS or Atom Feed
Feed Location	http://feeds.theguardian.com/theguardian/technology/rss
Feed Title	Technology \| The Guardian
Feed Link	https://www.theguardian.com/us/technology
Feed Copyright	Guardian News and Media Limited or its affiliated companies. All rights reserved. 2024