What is a IDN Homograph Attack?
IDN (Internationalized Domain Name) Homograph Attack is a manipulative and simple, but sophisticated type of cyber attack.
It is also called a “UTF8 URL Impersonation”.
How does it work?
A hacker poses as a trusted counterpart and embeds a ‘foreign’ character in a hyperlink.
The foreign character is indistinguishable to the human eye and is easily mistaken for a safe and valid character.
The embedded link appears to have been sent by a trusted source and may have successfully passed through a security filter, thereby cleverly capitalising on a person’s expectation of safety.
However, the moment the link is clicked it opens up an entire enterprise to the malicious intent of the hacker.
In what ways can the IDN Homograph Attack be delivered ?
The delivery mechanism of an IDN Homograph Attack can be delivered several ways, for example by a QR Code, via e-mail an SMS or a text message.
The hacker essentially manipulates a response that invites them into the host network.
From that entry the hacker can kick off a variety of malicious attacks, including but not limited to installing malware or ransomware, stealing or manipulating data.
How to get protected from IDN Homograph Attack?
The best protection is to be proactive, vigilant and suspicious and follow these steps:
- Do not click on embedded links.
- Always re-type the URL.
- Use a password manager. As computers cannot be tricked by the ‘foreign’ character.
- Apply common sense.
- Engage AUMINT.io to train your employees.
None of us wants to be manipulated, but our cyber-enemies are intent on doing just that and on causing harm.
With small investments of thought and time, you can have the power and the ability to block these attacks!