cybersecurity

5183 readers

12 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

founded 2 years ago

MODERATORS

shellsharks

tweedge

192

Hackers Replace 'm' with 'rn' in Microsoft(.)com to Steal Users' Login Credentials (cybersecuritynews.com)

submitted 3 days ago by cm0002@suppo.fi to c/cybersecurity

33 comments fedilink hide all child comments

A sophisticated phishing campaign is currently leveraging a subtle typographical trick to bypass user vigilance, deceiving victims into handing over sensitive login credentials. Attackers utilize the domain “rnicrosoft.com” to impersonate the tech giant.

By replacing the letter ‘m’ with the combination of ‘r’ and ‘n’, fraudsters create a visual doppleganger that is nearly indistinguishable from the legitimate domain at a casual glance.

This technique, known as typosquatting, relies heavily on the font rendering used in modern email clients and web browsers.

you are viewing a single comment's thread
view the rest of the comments

[–] Railcar8095@lemmy.world 38 points 3 days ago

On the one hand, it can help mitigate phishing attacks that could cost millions. On the other hand, rnicrosoft would have to spend 20 pounds in something not AI related.

Surely you can see why it's not an easy solution.

Devils advocate: it's not their responsibly to prevent third parties impersonating them. But it would be pretty damm nice if they did.