Homograph Attack
A spoofing technique that uses visually identical or near-identical Unicode characters to create deceptive domain names that appear legitimate.
Also known as: homoglyph attack, IDN homograph attack, Unicode spoofing
Last reviewed: 1 June 2026
A homograph attack (also called a homoglyph attack) exploits the fact that many Unicode characters look almost identical to standard Latin letters. For example, the Cyrillic letter 'а' (U+0430) is visually indistinguishable from the Latin 'a' (U+0061) in most fonts. An attacker can register 'аpple.com' using the Cyrillic 'а' and the domain renders identically to 'apple.com' in most browsers.
The technique is particularly dangerous because even security-conscious users who check the URL in the address bar may not notice the substitution. Internationalised domain names (IDNs) were introduced to allow non-Latin scripts on the web, but they inadvertently created this attack surface.
Browsers and registrars have introduced mitigations: modern browsers often display the Punycode representation (e.g. 'xn--pple-43d.com') when mixed scripts are detected, and many top-level-domain registrars now restrict character mixing. Users can hover over links and inspect the actual URL, or use a password manager that matches exact domains rather than visual appearances.
Examples
- An email contains a link that displays as 'paypal.com' but the domain uses a Cyrillic 'p', directing the victim to a credential-harvesting site.
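The browser-side checks described above (Punycode display and mixed-script detection), as an added example that is not part of this entry: a small Python checker that converts a domain to its Punycode form, flags labels that mix scripts, and compares a confusable-normalised "skeleton" against a list of protected domains. The `CONFUSABLES` table is a deliberately small constructed subset; a real deployment would use the full Unicode confusables data.

```python
import unicodedata

# Constructed, intentionally small map of Cyrillic letters that look like
# Latin ones (assumption: a production checker would load the complete
# Unicode confusables table instead).
CONFUSABLES = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
    "\u0441": "c", "\u0443": "y", "\u0445": "x", "\u0456": "i",
}

def script_of(ch: str) -> str:
    """Script guessed from the Unicode name prefix ('LATIN', 'CYRILLIC', ...)."""
    if ch.isascii():
        return "LATIN" if ch.isalpha() else "COMMON"
    try:
        return unicodedata.name(ch).split(" ")[0]
    except ValueError:
        return "UNKNOWN"

def to_punycode(domain: str) -> str:
    """The ASCII (xn--) form a browser shows when it declines to render an IDN."""
    return domain.encode("idna").decode("ascii")

def skeleton(domain: str) -> str:
    """Replace known confusables with their Latin look-alikes for comparison."""
    return "".join(CONFUSABLES.get(ch, ch) for ch in domain.lower())

def analyse(domain: str, protected: tuple) -> dict:
    """Report Punycode form, mixed-script labels and any protected domain impersonated."""
    mixed = []
    for label in domain.split("."):
        scripts = {script_of(ch) for ch in label} - {"COMMON"}
        if len(scripts) > 1:          # e.g. Cyrillic and Latin in one label
            mixed.append(label)
    lookalike = skeleton(domain)
    impersonates = lookalike if (lookalike in protected and lookalike != domain) else None
    return {
        "punycode": to_punycode(domain),
        "mixed_script_labels": mixed,
        "impersonates": impersonates,
        "suspicious": bool(mixed) or impersonates is not None,
    }

if __name__ == "__main__":
    # Constructed sample: 'apple.com' with a Cyrillic first letter (U+0430).
    for d in ("\u0430pple.com", "\u0440aypal.com", "example.com"):
        print(d, analyse(d, ("apple.com", "paypal.com")))
```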