A new phishing campaign has emerged that uses the Japanese hiragana character ん to impersonate forward slashes in website URLs. This subtle trick creates the illusion of a legitimate domain while quietly directing victims to malicious sites.
How the Attack Works
- A forward slash / cannot appear inside a hostname, so attackers place the ん character where a reader expects one. In a small address-bar font it passes for a slash, but to the browser it is just another letter in a hostname label, so the hostname keeps extending to the right.
- For example, a victim expects https://account.booking.com/… but receives account.booking.comんdetailんrestrict-access.www-account-booking.com/en/. Read from the right, the registrable domain is www-account-booking.com; everything to its left, including the lookalike booking.com and both ん characters, is a subdomain label the attacker controls, and the real path is only /en/.
- That spoofed domain, not the original service, hosts the landing page, which delivers malware installers such as infostealers or remote access tools.
This is a variant of the IDN (Internationalized Domain Name) homograph attack, which replaces standard characters with visually similar ones from other alphabets or scripts. Classic homographs swap letters inside the domain name itself; this variant instead mimics the path separator, so a legitimate-looking domain appears first and the real one is pushed out of view. Browsers resolve such hostnames in their punycode (xn--) form, but what the user reads is the Unicode string, and even tech-savvy users can overlook these small but dangerous discrepancies.
Who Is at Risk
While this campaign appears to target travel booking customers, the threat applies broadly:
- Financial Services – Credential theft from spoofed banking and payment portals.
- Retail & E-commerce – Fraudulent orders and payment interception.
- Healthcare – Exposure of confidential patient records through fake portals.
- Government & Public Services – Impersonation of official service sites to steal personal data.
Defensive Measures
- Train staff and customers to hover over links and read the hostname from the right: the registrable domain is the last two labels before the first single slash (or the end of the hostname), and anything to its left is a subdomain controlled by whoever owns that domain.
- Use browser and email security tools that detect non-ASCII and mixed-script characters in hostnames. Depending on its IDN display policy a browser may show either the Unicode or the punycode (xn--) form, so do not rely on the address bar alone.
- Incorporate homograph attack scenarios into phishing simulations.
- Deploy web gateway filters that inspect the IDNA-encoded (xn--) hostname and its registrable domain rather than the displayed string, and flag or block mixed-script labels. Blocking every non-ASCII hostname outright breaks legitimate IDNs, so tune the rule to mixed scripts and lookalike characters.
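The following Python script is an added example, not code from the original article or from COE Security. It performs the checks described under "How the Attack Works" and in the defensive measures above: it converts the hostname to its punycode (xn--) form, extracts the registrable domain, lists every non-ASCII character by Unicode name, and flags mixed scripts. The two sample URLs are constructed for this illustration (not live indicators), and the tiny KNOWN_TLDS set is a placeholder for a real Public Suffix List lookup.

```python
"""Inspect a URL the way a gateway or analyst should: decode the hostname to
punycode, find the registrable domain, and flag lookalike (non-ASCII or
mixed-script) characters such as HIRAGANA LETTER N (U+3093)."""
import unicodedata
from urllib.parse import urlsplit

# Constructed sample inputs for this example (illustrative, not live indicators).
SPOOFED_URL = "https://account.booking.comんdetailんrestrict-access.www-account-booking.com/en/"
LEGIT_URL = "https://account.booking.com/detail/restrict-access"

# Placeholder suffix list; a real deployment should use the Public Suffix List.
KNOWN_TLDS = {"com", "net", "org"}


def letter_scripts(text):
    """Approximate the script of each letter from its Unicode name, e.g.
    'HIRAGANA LETTER N' -> 'HIRAGANA', 'LATIN SMALL LETTER A' -> 'LATIN'."""
    scripts = set()
    for ch in text:
        if ch.isalpha():
            scripts.add(unicodedata.name(ch, "UNKNOWN").split()[0])
    return scripts


def registrable_domain(ascii_host):
    """Return the rightmost label that is a known TLD plus the label before it.
    Everything to the left of this is a subdomain the domain owner controls."""
    labels = ascii_host.split(".")
    if len(labels) >= 2 and labels[-1] in KNOWN_TLDS:
        return ".".join(labels[-2:])
    return ascii_host


def analyze_url(url):
    """Break a URL into what the user sees versus what the browser resolves."""
    parts = urlsplit(url)
    host = parts.hostname or ""
    # DNS and the browser work on the IDNA (punycode) form of the hostname.
    ascii_host = host.encode("idna").decode("ascii")
    non_ascii = [(ch, f"U+{ord(ch):04X}", unicodedata.name(ch, "?"))
                 for ch in host if ord(ch) > 0x7F]
    scripts = letter_scripts(host)
    return {
        "displayed_host": host,
        "punycode_host": ascii_host,
        "registrable_domain": registrable_domain(ascii_host),
        "path": parts.path,
        "non_ascii": non_ascii,
        "scripts": scripts,
        # Any non-ASCII character or more than one script in a hostname
        # deserves a closer look; a gateway rule would block or quarantine here.
        "suspicious": bool(non_ascii) or len(scripts) > 1,
    }


if __name__ == "__main__":
    for url in (SPOOFED_URL, LEGIT_URL):
        print(url)
        for key, value in analyze_url(url).items():
            print(f"  {key}: {value}")
```

Run against the spoofed URL, the report shows the registrable domain as www-account-booking.com, the path as /en/, and two HIRAGANA LETTER N characters inside a label that the browser would resolve as xn--comdetailrestrict-access-…; the legitimate URL yields booking.com with no non-ASCII characters. A gateway filter keyed on the punycode hostname and registrable domain catches this regardless of how the address bar renders the Unicode string.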
Conclusion
This phishing tactic shows that attackers no longer rely solely on obvious scams: subtle character swaps can bypass both human and automated checks. The lesson is clear: security awareness must now extend to understanding character-based deception, and defenses should evolve accordingly.
About COE Security
COE Security partners with organizations in financial services, healthcare, retail, manufacturing, and government to secure AI-powered systems and ensure compliance. Our offerings include:
- AI-enhanced threat detection and real-time monitoring
- Data governance aligned with GDPR, HIPAA, and PCI DSS
- Secure model validation to guard against adversarial attacks
- Customized training to embed AI security best practices
- Penetration Testing (Mobile, Web, AI, Product, IoT, Network & Cloud)
- Secure Software Development Consulting (SSDLC)
- Customized CyberSecurity Services
In response to this new wave of phishing threats, we also deliver:
- Homograph and Unicode phishing detection solutions
- Tailored security awareness and simulation programs
- Incident response planning for URL-based attacks
Follow COE Security on LinkedIn for continuous insights into cyber resilience, compliance, and emerging threats. Stay informed and cyber safe.