2023-06-26 | Awas Modus

Beware of Fake Websites Using Alphabets/Characters Similar to the Real Ones

Cyber criminals/hackers are getting more creative in carrying out their malicious actions. The latest trend is to create a fake website using similar characters that are difficult to distinguish from the official websites. In IT terminology, this is referred to as punycode, where the letters/characters in the official website address are replaces with other similar Unicode letters/characters. 

Unknowingly, the victims believe that the website address they are visiting is legitimate, and thus fall into the trap. As a result, the victim’s device is infected will malware that can transmit the victim’s private information to the hacker.

By stealing the data, the hacker can drain all the victim’s money. Therefore, you must be aware of the mode to minimize the risk of being a victim.

Punycode using the Cyrillic alphabet

Cyrillic is a Greek-like alphabet, which is used in Eurasian language families such as Czech, Ukraine, Russia, or Eastern Europe in general. The shape and characters of some alphabets are similar to Latin letters, making them susceptible to confusion.

The punycode website forgery scam has long been a concern in the IT world. The most talked about case is the Cyrillic alphabet forgery. Similar scams may also occur using other alphabets/characters such as the Greek, Thai, Chinese, Japanese alphabets, etc.

The distinctive Cyrillic alphabet that has letters similar to Latin letters makes it often used for cybercrime modes.

The most commonly used character is “ɑ” to replace the letter “a”. if you look carefully, the two letters will read as the letter “a”. however, they are actually two different characters that can be used to indicate different addresses. For example, on the KlikBCA website scam.

At first glance, it looks the same, but you can be directed to a different web page.

On certain devices, the website address https://www.klikbca.com may actually look the same.

On certain devices, the website address https://www.klikbca.com may actually look the same.

Clicking on the URL link can cause harm to the victim. One risk is that the victim’s device is infected with malware. Those thinking they’re on an official website will immediately enter their bank account’s user ID and password. All input data is sent to the hackers.

After getting all the data needed, the hacker can access the victim’s account and take all the money.

Signs of a Fake Website that Contains Punycode

There are several characteristics that you can look out for to avoid the risk of this scam:

  • If copied and paster into WhatsApp or other social media applications, they look the same. But if pasted into a trusted browser, the fake website will not be read as an official website URL. For example, the fake klikbca.com will read as another URL, such as the one shown in this visual.

  • On certain devices, fake websites can look exactly the same as the official ones. The website address that uses Punycode does not appear as a hyperlink, but only as plain text (in black), not clickable hyperlink text (in blue).

Tips to Avoid Fake Websites

Knowing the method may not be enough for you to avoid becoming a victim. You need to be extra vigilant in all your banking transactions. Here are tips to avoid this scam:

1. Do not click on suspicious links

Cyber criminals usually send these links via email, text messages or WhatsApp. This is done to direct the victim to access the link by clicking it.

For this reason, you should not carelessly click or access links given by unknown sources.

2. Recognize the Bank’s official website

To protect yourself from criminals on behalf of the bank, you need to be more familiar with some of BCA’s official websites.

Official websites begin with https:// (the letter ‘s’ means secured), while fake websites do not. Ignore websites that resemble or claim to be from BCA.

3. Check if the link contains Punycode

To test whether the link provided is real or fake, you can copy and paste it in a trusted browser. Websites that use Punycode, for example Cyrillic, will appear with an irregular URL format that changes from what was originally similar to the official website URL (see example of a fake website point 1). If you find a link like that, you can be sure it’s fake.

4. Type the website address into the browser yourself

Instead of copying or accessing a website from a link given by someone, it’s better to type the website address directly into your browser or use a trusted bookmarker to access the site. This step is better than clicking a link given to you.

5. Use a trusted browser & update regularly

Always use a trusted browser for your security. Always update your browser to increase security and comfort in accessing websites on the internet. This step can prevent you from visiting fake websites.

6. Report fraud immediately

You can also play an active role in preventing more victims by reporting this case to BCA. You can contact Halo BCA at 1500888 or via the haloBCA app. If necessary, also report to the authorities for further handling.

There you have it, the information about fake/phishing websites using Punycode. Stay vigilant by looking for information on other crime modes on AwasModus.