Homograph Attack (IDN Homograph).

A phishing technique that registers a domain using Unicode characters visually identical to ASCII ones — Cyrillic 'а' for Latin 'a', Greek omicron for Latin 'o' — so the attacker URL is indistinguishable from the legitimate one to the eye. Es gehört zur Kategorie Angriffe und Bedrohungen der Cybersicherheit.

A phishing technique that registers a domain using Unicode characters visually identical to ASCII ones — Cyrillic 'а' for Latin 'a', Greek omicron for Latin 'o' — so the attacker URL is indistinguishable from the legitimate one to the eye.

A homograph attack — formally an Internationalized Domain Name (IDN) homograph attack — abuses the visual similarity between characters across Unicode scripts. The domain `аpple.com` looks identical to `apple.com` in most fonts, but the leading 'а' is Cyrillic U+0430, not Latin U+0061; the punycode form is `xn--pple-43d.com`. Attackers register such lookalikes for phishing landing pages, malware delivery, and consent-phishing OAuth applications. Browsers and registrars have introduced mitigations: most TLDs restrict mixed-script registrations, Chrome/Firefox show punycode when a label mixes scripts or uses 'similar' Unicode, and DNS resolvers and email gateways flag IDN domains. Attackers have responded with single-script Cyrillic-only or Greek-only domains that bypass mixed-script checks, and with subdomain tricks (`paypal.com.attacker.xn--…`). Defenses combine browser punycode display, certificate-transparency monitoring for lookalike registrations, DMARC + brand-monitoring services, and user training that hovering over the URL reveals the real registered name.

Schutzmaßnahmen gegen Homograph Attack (IDN Homograph) kombinieren typischerweise technische Kontrollen und operative Praktiken, wie in der Definition oben beschrieben.

Übliche alternative Bezeichnungen: IDN homograph attack, Unicode lookalike domain.