Here's a test: Click on "https://xn--80ak6aa92e.com". (Don't worry, it's safe.) Now look in the browser address bar. What is the URL now?

If you're on Google Chrome or Mozilla Firefox, it will probably look very much like "https://www.apple.com". But those letters in "apple" are in fact Cyrillic characters reading "arrIe" with an uppercase "i", and the website, as you can see, has nothing to do with Apple.

Your browser has been fooled by a "homograph" attack, in which letters in a URL are replaced with similar-looking letters, often from non-Latin writing systems. Criminals and pranksters have been trying to trick web users with this for years, and web browsers have fought back, but Chrome and Firefox still are vulnerable in certain cases.

A malicious attacker could very easily have used the look-alike Apple URL to create a very convincing replica of the Apple login page as part of a phishing scam, and used it to steal thousands of Apple IDs and passwords. That could in turn have led to iPhones hijacked and held for ransom, private photos being released online, and other mayhem.

Because the internet was developed largely by Americans, it uses the Latin alphabet for web addresses. That's not much help to the billions of people who use other writing systems, so workarounds exist to display certain addresses in Arabic, Chinese, Cyrillic, and so on. 

Such addresses look like gibberish in the Latin alphabet. But Firefox and Chrome will display them in those languages in which they make sense — as long as the characters in a URL all belong to the same writing system. Internet Explorer and Safari won't do this, and may not even open the pages.

As a result, you get look-alike URLs such as the one above. (Here's another: "https://www.xn--e1awd7f.com/".)

Source: tomsguide