A sophisticated phishing campaign is currently leveraging a subtle typographical trick to bypass user vigilance, deceiving victims into handing over sensitive login credentials. Attackers utilize the domain “rnicrosoft.com” to impersonate the tech giant.
By replacing the letter ‘m’ with the combination of ‘r’ and ‘n’, fraudsters create a visual doppleganger that is nearly indistinguishable from the legitimate domain at a casual glance.
This technique, known as typosquatting, relies heavily on the font rendering used in modern email clients and web browsers.
On the one hand, it can help mitigate phishing attacks that could cost millions. On the other hand, rnicrosoft would have to spend 20 pounds in something not AI related.
Surely you can see why it’s not an easy solution.
Devils advocate: it’s not their responsibly to prevent third parties impersonating them. But it would be pretty damm nice if they did.