New 'rn' Typo Phishing Attacks Target Microsoft and Marriott
Cybersecurity News has reported new phishing attacks utilizing an 'rn' typo trick to impersonate Microsoft and Marriott. This tactic involves replacing the letter 'm' with 'rn' in a URL, creating fake websites that appear nearly identical to legitimate ones, especially on smaller screens like mobile phones.
Attack Details
- This method is a form of homoglyph attack, where visually similar characters are exploited to deceive users or systems.
- The security firm Anagram identified a campaign specifically targeting Microsoft users. Phishing emails in this campaign use the domain rnicrosoft.com to send fake security alerts or invoice notifications.
- The attacks aim to steal credentials and hijack user accounts.
User Recommendations
- Avoid logging into any accounts via links received in messages or emails. Instead, users should navigate directly to the official app or website.
- Enable passkeys and two-factor authentication on all key accounts, including Microsoft.
- Users should carefully review URLs, especially those containing or starting with the letter 'm', due to the subtle nature of the 'r+n' substitution.
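The URL review recommended above can also be automated on the defender's side. The following is an added example, not code from the article or from Anagram: it flags sender addresses and links whose host matches a protected domain once every 'rn' is read as 'm'. The PROTECTED list, the function names and the sample inputs (including rnarriott.com) are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: a defender-maintained list; these are the brands named above.
PROTECTED = {"microsoft.com", "marriott.com"}

def host_of(value):
    """Lower-cased host from a URL, e-mail address or bare domain."""
    value = value.strip().lower()
    if "://" in value:
        return (urlsplit(value).hostname or "").rstrip(".")
    if "@" in value:
        value = value.rsplit("@", 1)[1]
    return value.split("/")[0].rstrip(".")

def rn_lookalike(value, protected=PROTECTED):
    """Return the protected domain imitated by writing 'm' as 'rn', else None."""
    labels = host_of(value).split(".")
    # Walk parent domains so login.rnicrosoft.com is caught as well.
    for i in range(len(labels) - 1):
        candidate = ".".join(labels[i:])
        if candidate in protected:
            return None  # the real domain or one of its subdomains
        folded = candidate.replace("rn", "m")
        if folded != candidate and folded in protected:
            return folded
    return None

def scan(items):
    """Return (item, imitated_domain) for every item that is a lookalike."""
    return [(item, hit) for item in items if (hit := rn_lookalike(item))]

# Constructed sample input: sender addresses and links as a mail filter sees them.
SAMPLES = [
    "security-alert@rnicrosoft.com",
    "https://login.rnicrosoft.com/invoice",
    "rnarriott.com/rewards",
    "https://www.microsoft.com/security",
    "news@modern.example",
]

if __name__ == "__main__":
    for item, hit in scan(SAMPLES):
        print(f"{item} imitates {hit}")
```

Legitimate hosts that merely contain 'rn', such as modern.example, are not flagged, because the folded name has to equal a protected domain exactly.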