Sample Custom signature attached to this article
As a shortcut, you can import the attached punycode_15400.xml file to your Custom Spyware signatures.
Make sure that TID 15400 is not defined for any other Custom Spyware signature in the configuration.
Reference websites with complementary information
https://www.wordfence.com/blog/2017/04/chrome-firefox-unicode-phishing/
http://fortune.com/2017/04/18/google-chrome-phishing-scam/
https://en.wikipedia.org/wiki/Internationalized_domain_name
A simple Puny <> regular text encoder/decoder:
https://www.punycoder.com/ |
