What is IDN homograph spoofing?
IDN **homograph** attacks use international domain names (IDN) with characters that look identical to ASCII letters. Cyrillic "а" looks exactly like Latin "a" but is a different character, enabling pixel-perfect fake domains.
Example: "аpple.com" with Cyrillic "а" appears identical to "apple.com" but is a completely different domain. Without careful inspection, users can't distinguish them.
Defense: browsers increasingly display IDN domains in punycode (xn--pple-43d.com) when containing mixed scripts. Email clients vary in protection. User awareness that perfect-looking domains can be fake is essential.
Was this answer helpful?
Thanks for your feedback!