In an attempt to conceal spam messages from anti-spam filters, spammers employ various tactics of ill intent. And for that purpose, spammers use obfuscation and/or spoofing techniques, the misuse of brand names, and many other tactics that make it difficult for content filtering to identify the spam message.
Recently, Symantec observed a spam attack in which homograph spoofing was used so that the spoofed domain name partially or completely resembles the reputable brand domain name. However, before discussing this trend we will first introduce you to terms that may be unfamiliar, such as IDN, Punycode, and homograph spoofing.
An internationalized domain name (IDN) is a domain name that contains one or more non-ASCII characters. Such domain names could contain characters from non-Latin scripts such as Arabic, Chinese, or Devnagari.
The domain “ёxample.com” uses “ё”, which is a...