To block suspicious destinations and prevent phishing attacks, you can add a domain name encoded in Punycode to destination lists. For more information about preventing Punycode attacks, see Umbrella Learning Center: Punycode Awareness and Protection.
Punycode is a way to represent domain names that use characters outside of the standard ASCII set. The domain name system (DNS) accepts a subset of ASCII characters for domain name labels. Because Punycode uses characters that look similar, it can be used to mislead unsuspecting users to malicious content.
In phishing attacks, a malicious actor may replace certain ASCII characters in a domain name with Unicode characters. A browser or mobile client displays the altered domain name (as Unicode) which closely resembles an authentic domain name. For example, bücher.com and bucher.com look similar but are different domains.
To prevent phishing attacks and block malicious domain names, encode a domain name that contains Unicode characters in Punycode. Once encoded, add the Punycode string to a destination list. For more information about Punycode, see RFC 3429.
Note: You can only add Punycode encoded domain names to a destination list one at a time.
|a||a-||Only one ASCII character.|
|😉||xn--n28h||Only one emoji character.|
|α||mxa||Only one Greek character.|
|starɓucks.com||xn--starucks-hpd.com||Domain name with a Unicode character.|
|adıdas.de||http://xn--addas-o4a.de/||Domain name with a Unicode character.|
Updated 4 days ago