Unicode

tripwire.com

WhatsApp users targeted by homoglyph attack peddling free tickets to theme park

Many WhatsApp users would probably view the message as innocent enough, appearing to offer free tickets to Britain’s Alton Towers theme park. But in truth they are being targeted by fraudsters deploying a homoglyph attack.

Read more in my article on the Tripwire State of Security blog.

How to protect your browser from Unicode domain phishing attacks

Phishers and other online crooks are taking advantage of Unicode domain names in their pursuit of your passwords and other sensitive information. Here’s a simple way to protect yourself.

Can you see why this WhatsApp message can’t be trusted?

Take a look at this WhatsApp message. Can you see why you should be wary of clicking?

Chrome, Firefox, and Opera users vulnerable to Unicode domain phishing attacks

Attackers can evade a security mechanism and abuse Unicode domains to phish for the login credentials of Chrome, Firefox, and Opera users.

David Bisson reports.

welivesecurity.com

Wɑit! Stοp! Is that ℓιηκ what it claims to be?

Can you tell the difference between exɑmple and example?

Read why it matters, in my article for the We Live Security blog.

New back-to-front Mac malware records audio and grabs screenshots on infected computers

Mac malware takes advantage of Unicode’s Right-to-Left marker to hide its true nature.