Take a look at the above message that WhatsApp users have reported being sent to them via the messaging app. It claims that there is a free £250 voucher up for grabs which you can use to buy your groceries at an ASDA supermarket. Other versions claim that similar vouchers are available for Tesco and Marks & Spencer.
But can you see why you should be wary of clicking?
Well, not only does it sound too good to be true, but take a closer look at that URL the message says you should click on.
Do you see the little mark above the “d” in “Asda”? It’s not a speck of dirt on your smartphone’s screen.
The “d” in the URL is in fact a “đ” (also known as a crossed d, or a d-stroke.)
That’s easy enough to tell when you see the image blown up on your desktop computer screen, but it’s a lot harder to spot when it appears in a WhatsApp message on your smartphone.
The character đ (Unicode U+0111) may not be used in English, but it is used in several other languages – and it turns out that technology’s ability to support a wide variety of languages comes at a cost.
What you’re seeing here is called a homograph attack, which exploits the fact that many different characters look alike. It’s a technique that has made it trivial for internet attackers to exploit near-identical looking characters to dupe unsuspecting users into clicking on dangerous links.
Phishers, for instance, love to use the trick to dupe you into thinking you are entering your credentials into your bank’s legitimate website
The latest spate of messages seen being spread on WhatsApp, as reported by The Mirror and Action Fraud, are not unique attacks, but are worth bearing in mind, when you receive suspicious messages via WhatsApp, SMS, Facebook Messenger, and so on.
Take care out there.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.