True Crime Thursday – Scam Pop Quiz

 

by Debbie Burke

Let’s have a pop quiz to see if you can spot stealthy scam tricks.

Identify the differences in the following email addresses:

  1. SECURITYALERT@YOURBANK.com  SECURITYALERT@Y0URBANK.com
  2. fraud-alert@your#1creditcard.com      fraud-alert@your#lcreditcard.com
  3. securitywarning@shoppingsitewarning.com  securitywarning@shoppingsitewaming.com

Answers:

  1. The capital “O” is replaced with a zero (0).
  2. The numeral “1” is replaced with the lower-case letter “l”. In some fonts, these two characters appear identical. But notice the slightly different spacing.
  3. In the domain name, “m” is substituted for “rn” because they appear similar in some fonts.

Have you heard of homographs?

According to Merriam-Webster, the traditional definition is:

Two or more words spelled alike but different in meaning or derivation or pronunciation (such as the bow of a ship, a bow and arrow).

However, scammers have added a twist to create “homograph attacks.”

Attorney Steve Weisman explains:

A homograph attack is a type of cyber attack where attackers exploit look alike characters, often from different alphabets to create misleading domain names, usernames, or URLs that appear legitimate but actually lead to malicious sites.

Fraudsters constantly find new tricks like using “confusable letters” as defined by util.unicode.org:

Confusable characters are those that may be confused with others (in some common UI fonts), such as the Latin letter “o” and the Greek letter omicron “ο”. Fonts make a difference: for example, the Hebrew character “ס” looks confusingly similar to “o” in some fonts (such as Arial Hebrew), but not in others. 

Cyrillic letters used in Russian and other Slavic languages are especially popular with fraudsters because the characters often appear identical to letters used in English. The human eye can’t see the difference but the program on your computer or phone that “reads” the character can.

That tiny substitution allows fraudsters to redirect unsuspecting victims to bogus domain addresses.
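Here is a short Python sketch, added as an illustration and not part of the original post, of how a program can flag the substitutions the eye misses. The names `FOLD`, `skeleton`, `scripts` and `check` are hypothetical, the fold table is a small constructed sample rather than the full Unicode confusables data, and the Cyrillic domain in the demo is constructed.

```python
import unicodedata

# Constructed sample fold table (assumption): NOT the full Unicode confusables list.
FOLD = {
    "0": "o", "1": "l",
    "\u043e": "o",  # CYRILLIC SMALL LETTER O
    "\u0430": "a",  # CYRILLIC SMALL LETTER A
    "\u0435": "e",  # CYRILLIC SMALL LETTER IE
    "\u0440": "p",  # CYRILLIC SMALL LETTER ER
    "\u0441": "c",  # CYRILLIC SMALL LETTER ES
    "\u03bf": "o",  # GREEK SMALL LETTER OMICRON
}

def skeleton(domain):
    """Fold a domain to a comparison form so look-alikes collapse together."""
    s = unicodedata.normalize("NFKC", domain).lower()
    s = "".join(FOLD.get(ch, ch) for ch in s)
    return s.replace("rn", "m")  # "rn" and "m" look alike in some fonts

def scripts(domain):
    """Return the writing systems used by the letters, taken from their Unicode names."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0] for ch in domain if ch.isalpha()}

def check(domain, trusted):
    """Return a list of warnings for `domain`, compared with the `trusted` domains."""
    warnings = []
    used = scripts(domain)
    if len(used) > 1:
        warnings.append("mixed scripts: " + ", ".join(sorted(used)))
    for ch in domain:
        if ord(ch) > 127:  # what the program "reads", even if the eye cannot
            warnings.append(f"non-ASCII U+{ord(ch):04X} {unicodedata.name(ch, 'UNKNOWN')}")
    for good in trusted:
        if domain.lower() != good.lower() and skeleton(domain) == skeleton(good):
            warnings.append(f"look-alike of {good}")
    return warnings

if __name__ == "__main__":
    trusted = ["YOURBANK.com", "shoppingsitewarning.com"]
    # Quiz domains from above, plus one constructed Cyrillic sample.
    for d in ["Y0URBANK.com", "shoppingsitewaming.com", "yourb\u0430nk.com"]:
        print(repr(d), check(d, trusted))
```
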

Check out more details and examples in these articles from Guardio.io and Bleepingcomputer.com.

Stealthy tricks like these can fool even the most careful, vigilant consumer.

Scammers frequently send emails that appear to come from your bank, credit card company, or a shopping site you buy from. They warn that your account has been compromised or they ask if a suspicious high-dollar charge is valid.

If you click on their links, they redirect you to their own fraudulent website. Those feature logos and graphics that look exactly like those of the authentic websites. But those sites are clones created by scammers.

Texts can also appear to originate from the actual phone numbers of businesses or government agencies, but the numbers have been spoofed. If you call that number back, the call goes to the scammer.

Because the sender’s address or phone number appears totally legitimate, you might be tempted to click.

Don’t.

If you go there, they may download malware to your computer. Alternatively, they may pump you for personal information, asking you to verify your identity with your date of birth, Social Security number, etc.

Yup, that verifies your identity, all right—enough to allow them to steal it.

Impersonation and homograph attacks have recently become so prevalent, many government agencies and businesses now post warnings headlined at the top of their real websites.

In a truly ironic twist in September, 2025, three bold scammers impersonated the FBI’s Internet Crime Complaint Center (IC3), the very agency whose function is to catch cybercriminals.

When you receive emails or texts with links, do not click. Close the message. To determine if the contact is legitimate, call the number on your credit card or billing statement.

Visit the website address shown on your billing statement. Don’t automatically assume the first website that appears in an online search is legitimate. Manipulation of search algorithms can move misleading sites higher on search pages.

If you click a link in error, immediately contact the real entity to report the incident so they can flag or freeze your account. If fraud takes place, additionally contact local law enforcement and IC3.

Thanks as always to Steve Weisman and his watchdog site Scamicide for alerting people to new twists.

What a world. Sigh…

~~~

TKZers: Have you experienced homograph attacks by email or text? Do you know of additional stealthy misleading tricks? Please share in the comments.

~~~

Looking for a binge bundle for a bargain? Try the three-book gift set of Tawny Lindholm Thrillers for only $5.99.

 


About Debbie Burke

Debbie writes the Tawny Lindholm series, Montana thrillers infused with psychological suspense. Her books have won the Kindle Scout contest, the Zebulon Award, and were finalists for the Eric Hoffer Book Award and BestThrillers.com. Her articles received journalism awards in international publications. She is a founding member of Authors of the Flathead and helps to plan the annual Flathead River Writers Conference in Kalispell, Montana. Her greatest joy is mentoring young writers. http://www.debbieburkewriter.com
