Microsoft Office applications appear to be vulnerable to phishing tactics that exploit international domain names (IDNs). Affected applications include Outlook, Word, Excel, OneNote and PowerPoint.
Homograph phishing
“Homograph phishing attacks are based on the idea of using similar characters to impersonate another website,” Bitdefender researchers .
“While most of these attacks are easily detectable by end users with appropriate training (e.g. g00gle.com), international domain name (IDN)-based homograph attacks can be identical to the domains they spoof.”
Even if a browser displays the real name after opening the link, the email client uses the display name in the preview window. Even users who are trained to check a link in an email client before clicking it are vulnerable to this attack technique because it has not yet been translated into a real domain name in the browser. The real domain name is only visible when the page is opened. The website that opens even has a valid security certificate and is completely controlled by a threat actor. The most effective measure to prevent such attacks is comprehensive security awareness training for employees. Providers like KnowBe4 generally try to test how attentive employees are using simulated phishing emails.
Source: Press portal/KnowBe4
This might also be of interest: “Your account has been hacked”: Warning of blackmail attempts by email
If you enjoyed this post and value the importance of well-founded information, become part of the exclusive Mimikama Club! Support our work and help us promote awareness and combat misinformation. As a club member you receive:
📬 Special Weekly Newsletter: Get exclusive content straight to your inbox.
🎥 Exclusive video* “Fact Checker Basic Course”: Learn from Andre Wolf how to recognize and combat misinformation.
📅 Early access to in-depth articles and fact checks: always be one step ahead.
📄 Bonus articles, just for you: Discover content you won't find anywhere else.
📝 Participation in webinars and workshops : Join us live or watch the recordings.
✔️ Quality exchange: Discuss safely in our comment function without trolls and bots.
Join us and become part of a community that stands for truth and clarity. Together we can make the world a little better!
* In this special course, Andre Wolf will teach you how to recognize and effectively combat misinformation. After completing the video, you have the opportunity to join our research team and actively participate in the education - an opportunity that is exclusively reserved for our club members!
Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )

