Online scams have become increasingly common, demanding greater attention to the links and online content we interact with daily. Cybercriminals are constantly creating new methods to deceive people for financial gain, ranging from falsified payment receipts to fake technician impersonations. In Brazil, around 71% of the population has already fallen victim to this type of crime, which shows the need for caution when clicking on links in WhatsApp messages, emails, or SMS, as well as avoiding sharing personal information with strangers. To reduce risks, it is essential to understand how these scams work, recognize their main types, learn what to do if you are targeted, and adopt preventive measures to protect your data and avoid financial losses.
This article is part of a series on digital security. You can read the other texts here.
This Content Is Only For Subscribers
To unlock this content, subscribe to INTERLIRA Reports.
Homoglyph Phishing Scam
A new type of phishing scam is circulating and exploits a detail that is almost impossible to notice at first glance: the use of letters from other alphabets, such as Cyrillic, that visually imitates characters from the Latin alphabet.
In these attacks, cybercriminals create fake websites and links using characters that look identical to Latin letters. For example, the Cyrillic “о” is visually indistinguishable from the Latin “o”, and the Cyrillic “а” looks exactly like the Latin “a”. Although they appear the same, they are different characters, allowing criminals to register fraudulent domains.
How the Scam Works
- Criminals register websites that look identical to legitimate ones but use letters from non-Latin alphabets.
- The fake link is sent via email, message apps, or social media.
- When the victim clicks the link, they are taken to a cloned website.
- Login credentials, personal data, or banking information are then stolen.
- Because the characters look the same on screen, most users do not realize they are accessing a fake domain.
Why This Scam Is So Effective
This scam takes advantage of human visual perception. Even careful users may not notice that a letter belongs to a different alphabet, making the fake website appear completely legitimate. Banks, tech companies, marketplaces, and email providers are common targets.
How to Protect Yourself
- Avoid clicking on links received via messages or emails.
- Double-check URLs, especially when entering passwords or financial data.
- Use browser security tools that flag suspicious domains.
- Be extra cautious with links that look correct but come from unexpected sources.
