Learn How Scammers Are Using Weird URLs to Impersonate Real Websites
If you weren't on the ball, you might not notice that one of these URLs is going to take you to a fake version of the blockchain website designed to steal your credentials. If you fall for the scam then you can wave goodbye to the contents of your wallet.
Homographic characters are international language characters, but with a hard-to-spot dot or inflection above or below beneath – e.g. ḥ ạ ṃ ì. There are quite a few characters that have this looky-likey quality - all of which can be used to register a spoof domain. Normally, a business would defensively register look-a-like domains, but in this case there are potentially so many possible combinations that this approach is likely unworkable for many. This probably needs to be fixed in the browser. Until that’s done, always scrutinise the destination URL of any website link (including the ones that you see in online Ads... such as those displayed in Google's search results).
If you see a non-English character in the URL of an English language website then you are looking at a sure-fire sign of a scam.
Vietnamese characters enable scammers to impersonate the websites of legitimate organisations
Scammers are now using near-miss Vietnamese characters to impersonate the websites of legitimate organisations. These are standard looking lowercase letters, but with a hard-to-spot dot beneath – e.g. ḥ ạ ṃ. There are quite a few letters that have this quality - 19 in total - all of which can be used to register a spoof domain. Normally, a business would defensively register look-a-like domains, but in this case there are potentially so many possible combinations that this approach is likely unworkable for many. This probably needs to be fixed in the browser. Until that’s done, be on the lookout for dotted characters in links and website addresses… a sure-fire sign of a scam.
Is that a spec of dust on the screen, or a scam URL?
Full threat analysis: http://blog.talosintelligence.com/2018/02/coinhoarder.html