Phishing, or online scamming using fake e-mails, websites or messages, is nothing new. However, cybercriminals are now getting more and more creative in order to make us believe that a message is real.
s or ṣ
For example, they use special characters, such as a letter with a small dot under it (ḅ, ṭ) to deceive us. In this way, the difference between the real URL of Safeonweb www.safeonweb.be and a fake URL www.ṣafeonweb.be (with a dot below the s) is barely visible. Since URLs are often underlined, it can be almost impossible to see the dot at all.
This technique was recently used in a phishing message that was distributed via WhatsApp with a false promotion allegedly from Efteling. A dot was placed under the t: Efṭeling.
Think first, click second
We always recommend that you refrain from unnecessarily clicking on links in social media or text messages. It is safer to search for the correct website using a search engine. Search online for Safeonweb or Efteling to find the right website. There is a good chance that you will not find any information about the fake promotion and that you will instead find a warning about the fake message.
If you are in doubt, you can copy and enlarge the link in a text document. In this way, you will be able to clearly see whether unusual characters were used.
If you have received such suspicious messages, or if you have been able to decipher fake URLs, then forward them to firstname.lastname@example.org and delete the message.
We ensure that the URL is marked as suspicious. In this way, you help prevent other Internet users from being tricked.
For amateur detectives
Today, it is letters with a dot that are used to trick us; tomorrow, however, another trick may be used. All the world’s alphabets are merged for computer use into a Unicode table where each character code corresponds to a character (letter or sign) (e.g. 1E05 - https://unicode-table.com/en/#1E05). For 19 of the 26 letters of our alphabet, a version with a dot below is available.