NEWS
Chrome, Firefox, and Opera Users Beware: This isn’t the Apple.com You Want
3151
2017-04-21
Posted by 3uTools

Here's a test: Click on "https://xn--80ak6aa92e.com". (Don't worry, it's safe.) Now look in the browser address bar. What is the URL now?


If you're on Google Chrome or Mozilla Firefox, it will probably look very much like "https://www.apple.com". But those letters in "apple" are in fact Cyrillic characters reading "arrIe" with an uppercase "i", and the website, as you can see, has nothing to do with Apple.



Your browser has been fooled by a "homograph" attack, in which letters in a URL are replaced with similar-looking letters, often from non-Latin writing systems. Criminals and pranksters have been trying to trick web users with this for years, and web browsers have fought back, but Chrome and Firefox still are vulnerable in certain cases.


Chrome, Firefox, and Opera Users Beware: This isn’t the Apple.com You Want


A malicious attacker could very easily have used the look-alike Apple URL to create a very convincing replica of the Apple login page as part of a phishing scam, and used it to steal thousands of Apple IDs and passwords. That could in turn have led to iPhones hijacked and held for ransomprivate photos being released online, and other mayhem.


Because the internet was developed largely by Americans, it uses the Latin alphabet for web addresses. That's not much help to the billions of people who use other writing systems, so workarounds exist to display certain addresses in Arabic, Chinese, Cyrillic, and so on. 


Such addresses look like gibberish in the Latin alphabet. But Firefox and Chrome will display them in those languages in which they make sense — as long as the characters in a URL all belong to the same writing system. Internet Explorer and Safari won't do this, and may not even open the pages.


As a result, you get look-alike URLs such as the one above. (Here's another: "https://www.xn--e1awd7f.com/".)


Source: tomsguide

Related Articles
macOS High Sierra 10.13.2 Beta 4 Now Available Apple Releases macOS Catalina With Find My, Screen Time, and No More iTunes Rumor: Apple Blocks Activation on iOS 9.0-9.3.5 Firmware Apple Still Signing iOS 11.3 Beta 5/6, Downgrade to It to Jailbreak Your iPhone How to Download Apple’s Official iOS IPSW with One Simple Step? iOS 10.3 Jailbreak / iOS 10.3.1 Jailbreak Apple Acquires German Eye Tracking Firm SensoMotoric Instruments Apple Begins Selling Refurbished iPhone 12 Mini in U.S. For First Time