@wwzsocki, I had a fight with you in another thread but the truth is, I never wanted to engage in a fight but you got insulted by me. I am sorry for that. I hope you didn't take it with heavy heart.
I keep sitting here and look for posts in my account history to recall what was this all about but can't find anything. I hope it wasn't done on purpose, maybe language barriers, please send me link if there is any or remind (maybe in DM?) what was that all about,
I hope it wasn't my intention to insult you but if it was then one more time i am very sorry and hope that you will be able to accept my apology
A friendly bump!
I believe this thread needs more attention from everyone, so it gets bumped. People need to read this and understand the importance of the Punycode and Homograph phishing attacks. I thought I knew many things, but I am being honest here, I never heard about it before this week when SFR10 mentioned it. He forwarded me to this thread, which everyone should read and know.
I have edited/updated a bit for beter read, thanks for bumping it, also hope that more people will read about "Punycode and how to protect yourself from Homograph Phishing attacks"
Punycode and Homograph Phishing attacks are the easiest way to get scammed and many even experienced internet users are not able to recognize it, enough to type username and password on fake website
Lately this scam is even better and there are fake websites that redirect to original website after hitting login for example, so there is small chance to recognize that something gone wrong, people think "oh failed login, for sure typed wrong, fat fingers" and try one more time, which is successful, they don't expect that somebody just got access to this account.
I myself almost shared password to one of my exchanges accounts, so I am totally aware how well made fake websites are, at first look I wasn't able to recognize it, don't mention spoofed URL, of course it looked exactly same as original
The best practice to be safe is to use links only from trusted sources, direct links and bookmark them.
Password manager is also very helpful, in my case switched on the red lamp when i wasn't able to login to the fake website when I was simply clicking on username, it should fill automatically and I got nothing, couldn't login even if I wanted to because didn't knew the password, it is strong and generated by the password manager.
always use Two-Factor Authentication (2FA) if possible