Chrome, Safari users warned over new phishing threat
Users of Chrome and Safari are being warned about a new wave of phishing attacks that could lead to stolen accounts, credentials, and personal data—especially on mobile devices, where spotting suspicious details is more difficult.
According to a report cited by Cybersecurity News, hackers are exploiting a simple but effective typo trick by using the letters “r” and “n” together to mimic the letter “m” in website addresses. On small screens, this manipulation can make fake URLs appear almost identical to legitimate ones, allowing attackers to convincingly impersonate well-known brands, News.Az reports, citing Forbes.
This method, known as a homoglyph attack, relies on visually similar characters to deceive users.
Such attacks are commonly used in phishing schemes, domain impersonation, and even software supply chain intrusions, often with high success rates because the fraudulent sites closely resemble the real ones.
Cybersecurity News reports that two recent campaigns using the “r+n” technique have targeted Microsoft and Marriott. Of the two, the Microsoft-focused attack is considered particularly dangerous, as access to Microsoft credentials or accounts can be extremely valuable to attackers.
Security firm Anagram highlighted a similar campaign aimed at Microsoft users, in which phishing emails are sent from the fake domain “rnicrosoft.com.” These messages often pose as security alerts or invoice notifications to pressure recipients into clicking links and entering login details.
While users can check links by hovering over URLs before clicking, many fail to do so in practice. Experts stress that the most important precaution is to never log into accounts—whether Microsoft, Marriott, or any other service—through links received via emails or messages. Instead, users should access accounts directly through official apps or by manually typing the correct website address.
Enabling passkeys and two-factor authentication on all important accounts, especially Microsoft accounts, is also strongly recommended. In light of this warning, users are urged to pay close attention to website addresses that begin with or contain the letter “m,” as the “r+n” substitution can be particularly difficult to detect.
By Nijat Babayev
Similar news
