Chennai: The Cyber Crime Wing of the Tamil Nadu police has warned the public to be aware of phishing URLs using Cyrillic characters.
A release from Cyber Crime Headquarters here said, fraudsters often exploit subtle differences in website URLs to deceive users into falling for phishing attacks.
A new method involves the use of Cyrillic characters that look nearly identical to Latin characters, making it difficult for the average user to spot the difference.
This cyber scam demonstrates a new modus operandi where fraudsters exploit the differences between Cyrillic and Latin characters in URLs to deceive unsuspecting users.
These fraudulent websites are designed to appear almost identical to legitimate financial institution websites, tricking individuals into clicking on malicious links that can compromise sensitive personal and financial information, it said.
The release cautioned that for instance, citibank.com is the legitimate Citibank website. Similarly,maybank2u.com is the genuine website for Maybank.
The fraudulent site, where the “a” is replaced by a Cyrillic character, mimicking the appearance of the correct URL but leading to a malicious page.
These fake URLs can easily fool the average user, especially since the differences are not immediately noticeable.
Fraudsters are relying on these subtle differences to trick people into visiting phishing sites, where they may unknowingly provide login credentials, financial details, or other personal information.
In an advisory to the public, it appealed to them to carefully inspect URLs and always double-check the website URL before clicking.
“Look closely for any unusual characters, particularly in letters such as “a,” “o,” and “e,” which fraudsters often manipulate using Cyrillic characters”, it said.
“Avoid Clicking on Links in Suspicious Emails or Texts: If you receive an unexpected email or text with a link, do not click it directly. Instead, manually type the website address in your browser or search for the organization’s official site using a trusted search engine”, it said. .
Apart from being beware of QR Codes, it said the people should not scan QR codes from emails or messages unless they have verified the source.
“Fraudulent QR codes can lead to malicious websites designed to steal your data and if you receive an email claiming to be from your bank or a trusted organization, always contact them directly using verified phone numbers or official website contact information”, the release said.
“Never trust contact details provided within the email itself and use Security Software by ensuring that your devices have up-to-date antivirus and anti-phishing tools installed to help detect and block fraudulent websites’, it added
