Skip to content
Vol. 1 · Ed. 2026
CyberGlossary
日本語
Entry № 536

Homograph Attack (IDN Homograph)

Homograph Attack (IDN Homograph) とは何ですか?

Homograph Attack (IDN Homograph)A phishing technique that registers a domain using Unicode characters visually identical to ASCII ones — Cyrillic 'а' for Latin 'a', Greek omicron for Latin 'o' — so the attacker URL is indistinguishable from the legitimate one to the eye.

A homograph attack — formally an Internationalized Domain Name (IDN) homograph attack — abuses the visual similarity between characters across Unicode scripts. The domain `аpple.com` looks identical to `apple.com` in most fonts, but the leading 'а' is Cyrillic U+0430, not Latin U+0061; the punycode form is `xn--pple-43d.com`. Attackers register such lookalikes for phishing landing pages, malware delivery, and consent-phishing OAuth applications. Browsers and registrars have introduced mitigations: most TLDs restrict mixed-script registrations, Chrome/Firefox show punycode when a label mixes scripts or uses 'similar' Unicode, and DNS resolvers and email gateways flag IDN domains. Attackers have responded with single-script Cyrillic-only or Greek-only domains that bypass mixed-script checks, and with subdomain tricks (`paypal.com.attacker.xn--…`). Defenses combine browser punycode display, certificate-transparency monitoring for lookalike registrations, DMARC + brand-monitoring services, and user training that hovering over the URL reveals the real registered name.

  1. 01

    An attacker registers `аррӏе.com` (Cyrillic а, р, ӏ, е) and serves an Apple ID phishing page with a valid Let's Encrypt certificate for the punycode form.

  2. 02

    A brand-protection feed monitors Certificate Transparency for newly issued certs that visually resemble the client's domain across the Unicode confusables table.

よくある質問

Homograph Attack (IDN Homograph) とは何ですか?

A phishing technique that registers a domain using Unicode characters visually identical to ASCII ones — Cyrillic 'а' for Latin 'a', Greek omicron for Latin 'o' — so the attacker URL is indistinguishable from the legitimate one to the eye. サイバーセキュリティの 攻撃と脅威 カテゴリに属します。

Homograph Attack (IDN Homograph) とはどういう意味ですか?

A phishing technique that registers a domain using Unicode characters visually identical to ASCII ones — Cyrillic 'а' for Latin 'a', Greek omicron for Latin 'o' — so the attacker URL is indistinguishable from the legitimate one to the eye.

Homograph Attack (IDN Homograph) はどのように機能しますか?

A homograph attack — formally an Internationalized Domain Name (IDN) homograph attack — abuses the visual similarity between characters across Unicode scripts. The domain `аpple.com` looks identical to `apple.com` in most fonts, but the leading 'а' is Cyrillic U+0430, not Latin U+0061; the punycode form is `xn--pple-43d.com`. Attackers register such lookalikes for phishing landing pages, malware delivery, and consent-phishing OAuth applications. Browsers and registrars have introduced mitigations: most TLDs restrict mixed-script registrations, Chrome/Firefox show punycode when a label mixes scripts or uses 'similar' Unicode, and DNS resolvers and email gateways flag IDN domains. Attackers have responded with single-script Cyrillic-only or Greek-only domains that bypass mixed-script checks, and with subdomain tricks (`paypal.com.attacker.xn--…`). Defenses combine browser punycode display, certificate-transparency monitoring for lookalike registrations, DMARC + brand-monitoring services, and user training that hovering over the URL reveals the real registered name.

Homograph Attack (IDN Homograph) からどのように防御しますか?

Homograph Attack (IDN Homograph) に対する防御は通常、上記の定義で述べたとおり、技術的統制と運用上の実践を組み合わせます。

Homograph Attack (IDN Homograph) の別名は何ですか?

一般的な別名: IDN homograph attack, Unicode lookalike domain。

関連用語

関連項目