Live Unicode checker
Stay safe with Xanthos
Please note that this resource is provided for guidance only. We do not check whether the website is safe for you to visit, it’s only checking the characters in the text you provide. Therefore any website you do, or do not, choose to visit after using this resource you do so with this understanding.
A sensible social media warning
The introduction of internationalised domain names was intended to make the internet more accessible to users around the world, allowing them to register domain names in their native scripts. While this inclusion can enhance inclusivity, it also raises concerns about potential misuse, particularly in the context of phishing and hacking.
One of the primary security concerns with allowing certain characters, such as Cyrillic, in URLs is the potential for homograph attacks. Homograph attacks involve the use of characters from different scripts that visually resemble each other, making it challenging for users to distinguish between them.
With simple changing of fonts a normal “a” and a Cyrillic “а” will look identical to the naked eye, but they represent different characters.
Look at the following links. Whilst they appear identical they are very different:
Click on each link to see how they appear in the checker above (don’t worry, they’re not actual links) and reveal the safe one.
The social media warning says “An average internet user can easily fall for this”, but even highly experienced internet users would struggle to tell the difference.
Hackers and phishing attackers could exploit this visual similarity to create malicious URLs that mimic legitimate websites, tricking users into divulging sensitive information such as login credentials. This technique, known as IDN homograph attack, has been a concern since the inception of internationalised domain names.
It’s essential for users to stay vigilant and verify the legitimacy of websites, especially when clicking on links or entering sensitive information online.