Cyrillic Characters Used in Cyber Attacks

Posted on August 2, 2023

Recent reports show hackers substituting Roman alphabet with Cyrillic alphabet characters to deceive recipients. In their article “Real or Imposter? Everything You Need to Know About ‘Homoglyph’ Phishing”, CISO MAG describes this tactic, known as The Internationalized Domain Name (IDN) homoglyph attack, as “a deception technique that uses homoglyphs or homographs, in which an attacker abuses the similarities of character scripts to create phony domains of existing brands to trick users into clicking. A homoglyph is one of two or more characters or glyphs with shapes that appear identical or very similar.”

Clicking on a malicious link in haste in an email that spoofs a legitimate institution may direct you to a website that looks identical to the actual company brand being imitated and might request login credentials. Clicking a malicious link may also initiate download and install of a program capable of recording keystrokes and collecting confidential data including bank logins.

Avoid clicking links from emails, chat messages, and other publicly available content, most especially social media sites, without ensuring the visible link is indeed the true destination. You may hover over links to see their true destination. AAFCPAs also advises that clients establish and adhere to internal controls, monitor and test those controls, conduct simulated phishing expeditions via social engineering, and offer ongoing cyber security training.

Please forward this alert to your employees to ensure they are and remain phishing-savvy. Clients can boost security awareness by training employees on common phishing techniques, sharing the organization’s suspicious email response protocol, and reminding staff to always remain vigilant.

How may we help?

AAFCPAs conducts IT Risk/Cyber Security Assessments and offers Vulnerability Management as a Service (VMaaS) solutions to pinpoint potential exposures, to help organizations comply with government and industry regulations, and to boost organizational awareness. We also work with decision makers to devise security practices and protocols that safeguard your intellectual property, reputation, and bottom line.

To learn more, please contact Vassilis Kontoglis, Partner, Automation, Analytics, & IT Security at 774.512.4069 or vkontoglis@nullaafcpa.com—or contact your AAFCPAs Partner.

About the Author

Vassilis Kontoglis

Vassilis has 20+ years’ proven experience providing business intelligence, productivity, information risk management, and cybersecurity solutions. He is a critical resource in keeping clients and the firm on the forefront of transformative technologies while mitigating risks that come along with these advancements. Vassilis leads the delivery of Robotic Process Automation solutions at AAFCPAs. He understands the unique requirements to achieve RPA success, including proper design, planning, implementation, and governance. He works collaboratively with clients and cross-functional …

Related Insights

Safeguarding Against Holiday Season Phishing and Cyber Threats

AAFCPAs would like to remind clients that the period between Thanksgiving and New Year’s is a prime time for phishing and other malicious cyberattacks. Cybercriminals take advantage of increased internet shopping, debit/credit card use, and the influx of holiday offers to deceive individuals into disclosing sensitive information. Now more than ever, vigilance is required in […]

Shift in EEC Funding Model Requires Business Process Assessment

Effective October 1, 2024, the Massachusetts Department of Early Education and Care (EEC) shifted its contract reimbursement from a primarily unit-rate model to a mix of unit-rate and cost-reimbursable contracts. Under the new contracts, childcare seats will be reimbursed on a unit-rate basis while administrative and supportive services will be funded through cost reimbursement contracts. […]

Cost Center Coding Strategies for Effective Grant Reporting

For complex human and social services providers, managing grants and ensuring compliance can often feel like navigating a labyrinth. One effective strategy to simplify this process is through cost center coding. AAFCPAs provides the following detailed guidance on how to leverage cost center coding to streamline grant reporting and maintain compliance. Design Your Cost Centers […]