CAPEC-632

Detailed Abstraction Level
Meta — Very abstract, high-level category
Standard — Specific enough to understand
Detailed — Tied to specific technique
Draft MITRE CAPEC Status
Stable — Fully reviewed and complete
Draft — Under development
Incomplete — Partially defined
Deprecated — No longer recommended
Obsolete — Replaced by another CAPEC
Likelihood: Low Severity: Medium
Homograph Attack via Homoglyphs

Description

An adversary registers a domain name containing a homoglyph, leading the registered domain to appear the same as a trusted domain. A homograph attack leverages the fact that different characters among various character sets look the same to the user. Homograph attacks must generally be combined with other attacks, such as phishing attacks, in order to direct Internet traffic to the adversary-controlled destinations.

Prerequisites

An adversary requires knowledge of popular or high traffic domains, that could be used to deceive potential targets.

Mitigations

Authenticate all servers and perform redundant checks when using DNS hostnames.

Utilize browsers that can warn users if URLs contain characters from different character sets.

Skills Required

[Low] Adversaries must be able to register DNS hostnames/URL’s.