CONSUMER GAL: Homographic hacking makes clicking on links dangerous
Terri Dickerson
In our fast-paced lives, hackers count on us not paying close attention when clicking on links. Take a look at the following website addresses for Google:
• Google.сom
• Googɩe.cоm
• Ɡoogle.com
• Google.com
Each example is a little bit different in the above URL address, with one letter or character being replaced with a letter from the non-Latin or Roman alphabet. Other popular go-to symbols implemented by hackers are from the Cyrillic and Greek alphabets.
Essentially, a homograph is a letter or character that looks the same to an end-user, but is different. What makes it different is a different computer code. So while an “a” might look like an “a,” they are two separate characters as far as a computer or a domain registrar are concerned.
This is why clicking on links can be dangerous. Browsers have built-in protections to block URLs and domain names implementing mixed alphabets, but the same protections are not granted in links or URLs sent in the body of an email or via social media. Once the URLs are clicked on, that is all it takes to compromise a computer or your entire network.
Here are a few things to do to protect yourself against homographic hack attacks.
1) Be careful before clicking on links or downloading attachments: Pay attention to any telltale signs of phishing attempts including misspelled words, or fonts that appear slightly off. Don’t feel like you have to respond to urgent messages. Hackers count on us being in a hurry.
2) Install software updates: Most browsers have built-in protections again homographic attacks and you want to make sure your security programs are up to date so they are working to protect you against malware. Constant updates are required in order to help your devices be effective against threats.
3) Confirm the identity of the sender: Make sure you know who is sending you a link in a text message, on social media or in an email. It is a good idea to follow up with a phone call to make sure the correspondence is legitimate.
• • •
Odd text message from Costco
A Post Falls reader contacted me about an odd text message she received from Costco. She purchased a Ring Video doorbell earlier in the day, and then that same evening she received a text from Costco asking her to verify her purchase was for a doorbell only and not the larger package that includes cameras with the doorbell. The text gave a phone number to call and also stated her account would be blocked until she contacted Costco. The number provided in the text was an incorrect number, which further raised suspicions about the validity of the contact.
The reader looked up the store number directly on the internet and called that number to verify her purchase was for the doorbell only. However, this approach by Costco is very disturbing for two reasons. First, I constantly warn readers of this column to be careful responding to messages like the one Costco sent out, as that is a ploy often used by scammers.
Second, Costco made a mistake in ringing someone out for the purchase, so why do they inconvenience every purchaser of that item to contact the store and then threaten to suspend their account if they don’t? Costco should own the mistake, correct it and not threaten customers.
This is the first incident of this sort I have heard of, but I hope it is not the new trend for other merchants as well. In times when scams are running rampant, it is disappointing to have a merchant add confusion to the mix.
• • •
RV purchases can be tricky
Recreational Vehicle (RV) sales boomed after Covid hit, and their sales remain strong as the pandemic continues. A Post Falls reader shared his experience with me, which revealed some of the pitfalls of purchasing and servicing RVs in the current environment.
The reader was interested in a new model introduced by Winnebago last fall known as the Ekko. The model was introduced in videos, but there were no actual models to view. He sought a price quote from an out-of-state dealer, but then decided to also get a quote from a local Winnebago dealer in Liberty Lake. Even after showing the quote to the local dealer, they were still $10,000 higher and would not get any closer to the first quote. In the end the reader decided to not put money down on the Ekko until he had the chance to actually see one in person (which he is still waiting to do thanks to the supply chain issues). However, it does illustrate an important decision all potential RV purchasers must face: Buy locally or seek the best price from an out-of-state dealer?
But what makes this decision more difficult is the availability of warranty service after the purchase. RV dealers claim they lose money on warranty work, so they try to minimize how much of it they do and they give preference to, or may only be willing to perform it for those customers that actually purchased the RV from them. Non-warranty work is more profitable for the dealer, so those customers rise to the top, along with those who purchased from them. And with all the complexities of modern RVs it should be expected that some things will go wrong.
So what should a potential buyer do? The reader’s plan, which I agree with, is to eventually buy his next RV from the dealer offering the lowest price, then do an extremely detailed inspection at delivery to ensure everything works properly before leaving the dealer’s lot. With the savings pocketed, he hopes repair videos on Youtube and a good tool kit will allow him to work through most issues on his own and spare him a lengthy wait on a warranty claim at a dealer. Many popular RVs also have their own Facebook groups, which offer a wealth of information for troubleshooting issues.
• • •
Remember: I’m on your side.
• • •
If you've encountered a consumer issue that you have questions about, or think our readers should know about, please send me an email at terridickersonadvocate@gmail.com or call me at 208-274-4458. As The CDA Press Consumer Gal, I’m here to help. I’m a copywriter working with businesses on marketing strategy, a columnist, a veterans advocate and a consumer advocate living in Coeur d’Alene.