These days, most people would say that they can tell the difference between a good URL and a bad one. In fact, most people may not even consider the fact that a URL could be ‘bad’ in the first place. The only time anyone might second-guess a URL is because it would have a lot of strange numbers or characters. However, hackers know that most people are aware of this, which is precisely why they’ve gotten more sophisticated on creating URLs that will trick people.
Whether you’re a personal user or you’re the CEO of a company, here’s why you should think twice before trusting a URL, and how to recognize the signs of a hack.
It All Starts with Language
The first step in being able to identify a bad URL is by understanding what a URL is. A URL is, of course, letters that are put together to make words (or made up words) to lead you to a place on the Web. Maybe you’ve never realized it before, but, almost all URLs on the web are made of English characters. That’s because the Internet was designed initially for an English-speaking audience.
The problem is (or, rather, the benefit for hackers) is that there are many letters in the English language that look exactly the same as letters in other languages. Although these letters don’t hold any of the same phonemic significance, they can be manipulated to make fake URLS that are a mix of letters in other alphabets and English letters. This is known as an “IDN Homograph Attack.”
How to Prevent a Homograph Attack
The reason these fake URLs are able to be created is because the phisher on the other side of the screen has found a website that has let he or she create a domain in which they can take characters from different languages. While a lot of these sites are cracking down on this behavior, it’s pretty much possible to find anything on the Internet. So, one of the easiest ways to stop an IDN Homograph Attack is by restricting IDNs under your browser settings. If this isn’t an option for your company, (maybe because you work with many international businesses) new technology is coming out in various browsers that when updated, will help protect you against such attacks.
Other Ways to Detect Danger
Homograph attacks aren’t the only ways in which people are tricked into opening bad URLs. As long as you know what to look for, you can detect danger and put a halt to it before being affected.
Cyber scams can be hard to detect. If you want to protect your company, knowing the signs of such attacks like these are important. Next time you click a new URL, stop and follow these steps.
In the meantime, try our RiskAware™ Cyber Security Scan & Report to see where your security currently stands.