Arguably more security than privacy, but this made me think. I havent considered the use of ambiguous fonts in phishing before. Worth reading.

  • Autonomous@lemmy.world
    link
    fedilink
    arrow-up
    1
    ·
    9 hours ago

    I̶̹͊̂ ̵̢̮̬̻͙̹̦͈̜͕̖̠̱͒̃͗̎̑̕͠o̸̧̬̜͚͕̠͍̓̾̉n̷̥͔͕͈̭̦̲͓̼͍̣̪̝͗̀̓͗͜ḷ̵̢̛̅̓̓̐͝y̶̧̨̢̠͙̰͍̖̞͍͙̳̩̠͈̋͋͒̍̏̓͂̋͘̚͘ ̴̢͎͇͍͉̗̭̎͜͠ṷ̴̱̺̣͚̱̀̄͆͛̈́̀͗͒̓̇̓̇s̶̠̮͂̌̾̋ͅe̸̡̢̛̦̻̙͉͂̓́̉̏̅̓̓̒̋͘͝ ̶̢̡̬̩̯̫̱̪̫͚̱͓͉̗͑͜Ż̶͕̮͔̙̜̞̕͝a̸̡͂͛̽̓͆͌̅l̶̛͖̼̲͚̳̓͐͂̊̒͂̄͂́̿̎̒͊̒̕ǵ̶̰̩̮̹̤̺̫̥̹̹͙̌͆͋̒o̶̧̲̟̬̻̳͖͗̉̈́̓͌͗̿̅͌̂͆̈͘̕̕ ̷̡̙̩̰̦̯̄́̿͠F̶͔͙̱̞̘̯͇͖͍̱͍͖̺̯͋́̑̓̀̈́͌̍̏͌̉̄̋̇͘͜͝o̵̮̫͖̙̟͈̬̽̃̔̇̔̈́́͒̏̃͐͘͘͘ͅn̶̨̞̠͖͓̗͕̙͈̙̥̟̈́̈́̔̃̓̿͂̆̈́̌ṱ̸̢̧̩̗̮͔͔̲̖̺̯͇̩̟̈́̈́͗̊̐̈́̐͆̽̄̂̔̇͒̚ͅ

  • NekuSoul@lemmy.nekusoul.de
    link
    fedilink
    arrow-up
    13
    ·
    edit-2
    17 hours ago

    While this is a very special and interestng use of this attack vector, I do think it often gets too much focus, mostly because it’s ignoring a much bigger problem: The average person doesn’t even know what the legit URL of a website should even be, and that starts with the TLD. Was it .com? Or maybe .org? Maybe some country-TLD or maybe one of the thousands of new TLDs like .world or .finance? If you don’t have a perfect memory of every URL of all the websites you’re using, being able to inspect the exact shape of each letter isn’t going to help you.

    • rnercle@sh.itjust.works
      link
      fedilink
      arrow-up
      8
      ·
      23 hours ago

      And wouldn’t you know, the Wall Street Journal revealed that the Polymarket set up a fake version of their website and named it PoIymarket. (Did you catch it?)

      PoIymarket (spelled with a capital “i” instead of a lower case “l”), is a fake version of their platform.

      what difference a mono font would make with the I & l difference?

      • Megabit@lemmy.today
        link
        fedilink
        arrow-up
        16
        ·
        edit-2
        23 hours ago

        It would make those characters more distinct. Should be able to see it here with a code line. The letter O and the number 0 also have more noticeable differences that go beyond what serif fonts can do

        Capital I
        Lowercase l 
        Number 1
        Capital O
        Number 0
        
  • freeman@feddit.org
    link
    fedilink
    arrow-up
    4
    ·
    edit-2
    21 hours ago

    i thought this is common knowledge with tech people. I heard years ago about swapping of the cyrillic „a“, maybe thats why.