April 26, 2025

min read

OCD Tech

What is a Homoglyph Attack?

Editor

OCD Tech

Category

Cybersecurity

Date

April 26, 2025

In a homoglyph attack (also sometimes called a homograph attack), the threat actor uses homoglyphs to spoof a URL or obfuscate code.

Homoglyphs are characters that resemble each other, such as the letter O and zero (‘0’), the Latin letter “H” and the Cyrillic letter “H,” or the uppercase “I” (“I”) and the lowercase letter “l” (L), which look identical in a sans serif font (like Calibri). In advanced phishing attacks today, phishing emails may contain homoglyph characters.

For example, the attacker might create a fake URL that spoofs a legitimate URL by using a homoglyph, like “InternationalBank.com,” switching out the letter sans serif letter “I” (“I”) for the lowercase sans serif letter “l” (L). Or the threat actor might use homoglyphs in the malware code to hide nefarious intent by inserting them into code strings that to the naked eye look normal but instead instruct the malware to do something different, like change the code’s perceived intent, such as making an ‘if’ statement always true or redirecting the user to a malicious domain.

How is this different from typosquatting?

Although typosquatting also uses visual tricks to deceive users, it relies heavily on users mistyping a URL in the address bar, hence, the "typo" in its name.

Are all homograph attacks just phishing attacks?

Not necessarily. Although homograph attacks usually involve phishing, threat actors could create fake yet believable websites for other fraudulent purposes or to introduce malware onto user system.

Reports about IDN homograph attacks, have noted that several homographed domains found were either part of a malvertising network, hosting exploit kits and malicious mobile apps, or generated by botnets.

Protection Against Homograph Attacks

Users are suggested to be vigilant when browsing online and maintain cybersecurity hygiene, including:

Regularly updating your browser (They may be your first line of defense against homograph attacks).
Confirming that the legitimate site you are on has an EVC (Extended Validation Certificate).
Avoid clicking links from emails, chat messages, and other publicly available content, most especially social media sites, without ensuring that the visible link is indeed the true destination.

OCD Tech specializes in making sure employees understand the mechanisms of spam, phishing, spear-phishing, malware, and social engineering.

Source: https://www.feroot.com/education-center/what-is-a-homoglyph-attack/

Audit. Security. Assurance.

IT Audit | Cybersecurity | IT Assurance | IT Security Consultants – OCD Tech is a technology consulting firm serving the IT security and consulting needs of businesses in Boston (MA), Braintree (MA) and across New England. We primarily serve Fortune 500 companies including auto dealers, financial institutions, higher education, government contractors, and not-for-profit organizations with SOC 2 reporting, CMMC readiness, IT Security Audits, Penetration Testing and Vulnerability Assessments. We also provide dark web monitoring, DFARS compliance, and IT general controls review.

Contact Info

OCD Tech

25 BHOP, Suite 407, Braintree MA, 02184

844-623-8324

https://ocd-tech.com

Videos

Check Out the Latest Videos From OCD Tech!

Services

SOC Reporting Services
‍– SOC 2 ® Readiness Assessment
– SOC 2 ®
– SOC 3 ®
– SOC for Cybersecurity ®
‍IT Advisory Services
‍– IT Vulnerability Assessment
– Penetration Testing
– Privileged Access Management
– Social Engineering
– WISP
– General IT Controls Review
‍IT Government Compliance Services
‍– CMMC
– DFARS Compliance
– FTC Safeguards vCISO

Industries

Financial Services
‍Government
‍Enterprise
‍Auto Dealerships

What is a Homoglyph Attack?

OCD Tech

March 3, 2023

•

min read

In a homoglyph attack (also sometimes called a homograph attack), the threat actor uses homoglyphs to spoof a URL or obfuscate code.

How is this different from typosquatting?

Although typosquatting also uses visual tricks to deceive users, it relies heavily on users mistyping a URL in the address bar, hence, the "typo" in its name.

Are all homograph attacks just phishing attacks?

Not necessarily. Although homograph attacks usually involve phishing, threat actors could create fake yet believable websites for other fraudulent purposes or to introduce malware onto user system.

Protection Against Homograph Attacks

Users are suggested to be vigilant when browsing online and maintain cybersecurity hygiene, including:

Regularly updating your browser (They may be your first line of defense against homograph attacks).
Confirming that the legitimate site you are on has an EVC (Extended Validation Certificate).
Avoid clicking links from emails, chat messages, and other publicly available content, most especially social media sites, without ensuring that the visible link is indeed the true destination.

OCD Tech specializes in making sure employees understand the mechanisms of spam, phishing, spear-phishing, malware, and social engineering.

Source: https://www.feroot.com/education-center/what-is-a-homoglyph-attack/

OCD Tech

What is a Homoglyph Attack?

Similar articles

FTC Safeguards Rule for Car Dealerships

The Importance of ITGC Audits in Compliance

ISO 27001 vs SOC Standards: Which Should You Choose?

Common WiFi Hacking Techniques Explained

Medusa Ransomware: An Escalating Cyber Threat

Is Your Private Data on the Dark Web?

Employee Training as Your First Line of Defense: The Importance of Cybersecurity Awareness

Why SMBs Need Specialized Cybersecurity

Introduction to SHIELD by OCD Tech: Cybersecurity for SMBs

What is Penetration Testing (and Why You Need It)

Why Founders Using Wappler.io Need SOC2 Compliance: Building More Than Just an App

Cybersecurity in 2024 &amp; Beyond: Prepare for the Future

CMMC Program Final Rule Released

How to Prepare for a Cybersecurity Audit

What is Dark Web Monitoring?

Good People, Bad Clicks: Why You Should Think Before You Click

Strengthening Cybersecurity: The Benefits of Choosing a Smaller Audit Firm

Locking Your Credit

Paths to Exploiting a Privileged Account

Top Data Security &amp; Privacy Concerns

Best Practices for IT Audits

Cost of Data Breaches

vCISO: Cybersecurity Expert on Demand

MFA Cybersecurity Shield Your Business Needs

PAM Strategies

IT General Controls

The State of Penetration Testing

Choosing Cybersecurity

Penetration Testing

SOC for Cybersecurity

Phishing Scams

Charging Stations in Public Areas

Leveraging Mexico's IT Prowess

Ethics in IT Audit

Bulletproof Your Defenses: Penetration Testing

Qualities of an Effective IT Auditor

International Women's Day

Credential Scan

3 Tools to Fortify Your Password Security

Latest Toyota Data Breach: Evidence of an Industry Under Attack

IT Audit & Security for Financial Services

Most Common Online Scams

Boston's Role in Cybersecurity Innovation

Cybersecurity Champions

SAFE PASSWORD

Debunking Cybersecurity Creepy Myths

People, Processes, and CyberSecurity?

October, Cybersecurity Month

Microsoft Phishing Scams Increase

Patch Management

How to Interpret SOC 2 Reports

NIST QUANTUM ENCRYPTION WINNERS

SEC Cybersecurity rules

NIST Framework update

Benefits of Using a VPN

Cyber job vacancies

Cybersecurity Risks on Home Devices

World Wide Web Day

Cyber Resilience Strategy

Biometrics Authentication, strengthening Cybersecurity

CRISC certification

XSS Hunting using Google Dorking

Microsoft DDoS attack

Why Your Company Should Invest in a Pentest Assessment?

Social Media Safety

Machine Learning

Auto Dealer Latest Target of Ransomware

Dos and Don’ts of Using AI

What are functions of an internal audit team?

Credentialed Vulnerability Scan

CISA CERTIFICATION

Chinese Hackers target US infrastructure

GOOGLE AUTHENTICATOR SYNC RISKS

Social Engineering Security Training

Remote cyber attacks on voice assistants

Identity Management Day

NIST AI Risk Management Framework

WORLD BACKUP DAY, MARCH 31ST

Cybersecurity in 2024 & Beyond: Prepare for the Future

Top Data Security & Privacy Concerns