{"id":22972,"date":"2025-10-07T08:30:57","date_gmt":"2025-10-07T01:30:57","guid":{"rendered":"https:\/\/fpt-is.com\/en\/?post_type=goc_nhin_so&#038;p=22972"},"modified":"2026-01-20T10:27:44","modified_gmt":"2026-01-20T03:27:44","slug":"phishing-campaign-uses-unicode-character-to-trick-users","status":"publish","type":"goc_nhin_so","link":"https:\/\/fpt-is.com\/en\/insights\/phishing-campaign-uses-unicode-character-to-trick-users\/","title":{"rendered":"Booking.com Phishing Campaign Uses Unicode Character &#8220;\u3093&#8221; to Trick Users"},"content":{"rendered":"<p><a href=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/09\/h1-1759132231.jpg\"><img decoding=\"async\" class=\"aligncenter size-full wp-image-22977\" src=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/09\/h1-1759132231.jpg\" alt=\"H1 1759132231\" width=\"1012\" height=\"511\" srcset=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/09\/h1-1759132231.jpg 1012w, https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/09\/h1-1759132231-700x353.jpg 700w\" sizes=\"(max-width: 1012px) 100vw, 1012px\" \/><\/a><\/p>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Attackers are exploiting a special Unicode character to create phishing links that look like the official\u00a0<a class=\"autolinkedURL autolinkedURL-url\" href=\"http:\/\/booking.com\/\" target=\"_blank\" rel=\"noopener nofollow\">Booking.com<\/a>\u00a0links in a new campaign to distribute malware. This attack uses the Japanese hiragana character\u00a0<strong>&#8220;\u3093&#8221;<\/strong>, which can appear as a slash on some systems, making the phishing URL seem legitimate to users at a glance.<\/span><\/p>\n<h2 id=\"heading-homoglyph-attack-technique\" class=\"permalink-heading\"><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Homoglyph Attack Technique<\/span><\/h2>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">This attack, first discovered by security researcher JAMESWT, takes advantage of the Japanese hiragana character\u00a0<strong>&#8220;\u3093&#8221;<\/strong>\u00a0(Unicode U+3093), which resembles the Latin character sequence &#8216;\/n&#8217; or &#8216;\/~&#8217; in some fonts. This visual similarity allows scammers to create URLs that appear to belong to the official\u00a0<a class=\"autolinkedURL autolinkedURL-url\" href=\"http:\/\/booking.com\/\" target=\"_blank\" rel=\"noopener nofollow\">Booking.com<\/a>\u00a0domain but actually lead users to a malicious website.<\/span><\/p>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\" data-rmiz=\"\"><a href=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/09\/h2-1759132222.jpeg\"><img decoding=\"async\" class=\"aligncenter size-full wp-image-22973\" src=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/09\/h2-1759132222.jpeg\" alt=\"H2 1759132222\" width=\"956\" height=\"1049\" srcset=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/09\/h2-1759132222.jpeg 956w, https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/09\/h2-1759132222-700x768.jpeg 700w\" sizes=\"(max-width: 956px) 100vw, 956px\" \/><\/a><\/span><\/p>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">This technique is a type of\u00a0<strong>homoglyph attack<\/strong>\u2014using characters that look similar but belong to different character sets or alphabets. For example, the Cyrillic character\u00a0<strong>&#8220;\u041e&#8221;<\/strong>\u00a0(U+041E) can appear identical to the Latin letter\u00a0<strong>&#8220;O&#8221;<\/strong>\u00a0(U+004F) to humans, but they are different characters.<\/span><\/p>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\" data-rmiz=\"\"><a href=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/09\/h3-1759132231.png\"><img decoding=\"async\" class=\"aligncenter size-full wp-image-22976\" src=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/09\/h3-1759132231.png\" alt=\"H3 1759132231\" width=\"946\" height=\"494\" srcset=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/09\/h3-1759132231.png 946w, https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/09\/h3-1759132231-700x366.png 700w\" sizes=\"(max-width: 946px) 100vw, 946px\" \/><\/a><\/span><\/p>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">In the phishing email shared by the researcher, the text appears as\u00a0<strong>&#8220;<\/strong><strong><a class=\"autolinkedURL autolinkedURL-url\" href=\"https:\/\/admin.booking.com\/hotel\/hoteladmin\/\" target=\"_blank\" rel=\"noopener nofollow\">admin.booking.com\/hotel\/hoteladmin<\/a><\/strong>&#8230;&#8221; which seems like the real <a class=\"autolinkedURL autolinkedURL-url\" href=\"http:\/\/booking.com\/\" target=\"_blank\" rel=\"noopener nofollow\">Booking.com<\/a>\u00a0address, but the actual link points to:<\/span><\/p>\n<p><a href=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/09\/h4-1759132230.jpg\"><img decoding=\"async\" class=\"aligncenter size-full wp-image-22975\" src=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/09\/h4-1759132230.jpg\" alt=\"H4 1759132230\" width=\"1200\" height=\"582\" srcset=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/09\/h4-1759132230.jpg 1200w, https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/09\/h4-1759132230-700x340.jpg 700w\" sizes=\"(max-width: 1200px) 100vw, 1200px\" \/><\/a><\/p>\n<div>\n<div>\n<div style=\"text-align: center\"><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><code class=\"lang-plaintext\">texthttps:\/\/account.booking.com\u3093detail\u3093restric-access.www-account-booking.com\/en\/<br \/>\n<\/code><\/span><\/div>\n<\/div>\n<\/div>\n<h2 id=\"heading-how-malware-works-and-is-distributed\" class=\"permalink-heading\"><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">How Malware Works and Is Distributed<\/span><\/h2>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">When displayed in a web browser&#8217;s address bar, the characters\u00a0<strong>&#8220;\u3093&#8221;<\/strong>\u00a0can trick users into thinking they are navigating through a subdirectory of\u00a0<a class=\"autolinkedURL autolinkedURL-url\" href=\"http:\/\/booking.com\/\" target=\"_blank\" rel=\"noopener nofollow\">booking.com<\/a>. In reality, the registered domain is actually\u00a0<strong>www-account-booking[.]com<\/strong>, a fake malicious website, and everything before that is just a string of deceptive subdomains.<\/span><\/p>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Victims who click the link are redirected to a malicious MSI file from a CDN link. The MSI file is used to drop further payloads, which may include an\u00a0<strong>infostealer<\/strong>\u00a0or a\u00a0<strong>remote access trojan<\/strong>. Samples of the malicious website are available on MalwareBazaar by\u00a0<a class=\"autolinkedURL autolinkedURL-url\" href=\"http:\/\/abuse.ch\/\" target=\"_blank\" rel=\"noopener nofollow\">abuse.ch<\/a>, with any.run analysis showing the infection chain.<\/span><\/p>\n<h2 id=\"heading-trends-in-unicode-and-ai-attacks\" class=\"permalink-heading\"><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Trends in Unicode and AI Attacks<\/span><\/h2>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Unicode attacks are becoming more sophisticated. According to research from Juniper Threat Labs, a new JavaScript obfuscation technique using invisible Unicode characters is being used in phishing attacks targeting branches of a US political action committee.<\/span><\/p>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">This technique exploits invisible Unicode characters, specifically Hangul half-width (U+FFA0) and Hangul full-width (U+3164), to hide malicious JavaScript code in white space. These attacks are highly personalized, include non-public information, and use anti-debugging measures to evade analysis.<\/span><\/p>\n<h2 id=\"heading-phishing-statistics-and-economic-impact-2025\" class=\"permalink-heading\"><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Phishing Statistics and Economic Impact 2025<\/span><\/h2>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Phishing has become a leading threat with alarming numbers:<\/span><\/p>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Attack Volume<\/strong>: An estimated\u00a0<strong>3.4 billion phishing emails<\/strong>\u00a0are sent daily, accounting for 1.2% of global email traffic. APWG detected over\u00a0<strong>1 million unique phishing attack websites<\/strong>\u00a0in just the first quarter of 2025.<\/span><\/p>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Financial Impact<\/strong>: The average cost of a data breach involving phishing is about\u00a0<strong>$4.88 million<\/strong>. In 2024, consumers reported losses exceeding\u00a0<strong>$12.5 billion<\/strong>\u00a0due to email scams, a\u00a0<strong>25%<\/strong>\u00a0increase from the previous year.<\/span><\/p>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Success Rate<\/strong>: Phishing is the starting point for\u00a0<strong>36% of all data breaches<\/strong>, making it the most reliable method for attackers to gain an initial foothold in a target network.<\/span><\/p>\n<h2 id=\"heading-impact-of-ai-on-phishing\" class=\"permalink-heading\"><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Impact of AI on Phishing<\/span><\/h2>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">The advent of generative AI has revolutionized phishing. Since the launch of ChatGPT in late 2022, the volume of phishing emails has increased by\u00a0<strong>1,265%<\/strong>. AI enables attackers to create emails with perfect grammar, contextual awareness, and high persuasiveness that are almost indistinguishable from legitimate communications.<\/span><\/p>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">According to an IBM experiment, AI can build a sophisticated phishing campaign in just\u00a0<strong>5 minutes<\/strong>\u00a0using 5 prompts, while a team of human experts takes\u00a0<strong>16 hours<\/strong>\u00a0to complete the same task. Currently, AI-generated content is used in\u00a0<strong>82.6%<\/strong>\u00a0of phishing emails.<\/span><\/p>\n<h2 id=\"heading-similar-intuit-phishing-campaign\" class=\"permalink-heading\"><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Similar Intuit Phishing Campaign<\/span><\/h2>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">BleepingComputer also discovered a separate phishing campaign targeting users with Intuit-themed emails. These emails use domains starting with\u00a0<strong>&#8220;Lntuit&#8221;<\/strong>\u00a0&#8211; something that, when written in lowercase, can resemble &#8220;intuit&#8221; in certain fonts.<\/span><\/p>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\" data-rmiz=\"\"><a href=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/09\/h5-1759132229.jpg\"><img decoding=\"async\" class=\"aligncenter size-full wp-image-22974\" src=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/09\/h5-1759132229.jpg\" alt=\"H5 1759132229\" width=\"531\" height=\"1200\" \/><\/a><\/span><\/p>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">The unusually narrow layout of this email suggests it is primarily designed for mobile viewing, with attackers betting that mobile users will click on the phishing link without checking carefully.<\/span><\/p>\n<h2 id=\"heading-clickfix-attack-trend\" class=\"permalink-heading\"><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">ClickFix Attack Trend<\/span><\/h2>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">According to research from Cofense Intelligence, fake\u00a0<a class=\"autolinkedURL autolinkedURL-url\" href=\"http:\/\/booking.com\/\" target=\"_blank\" rel=\"noopener nofollow\">Booking.com<\/a>\u00a0campaigns have surged, with 47% of the total campaign volume occurring in March 2025 alone. These campaigns use the\u00a0<strong>ClickFix<\/strong>\u00a0technique, where users are tricked into performing &#8220;verification&#8221; steps that include copying and executing a script via Windows shortcuts.<\/span><\/p>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Analysis shows that 75% of campaigns using fake CAPTCHA employ the fake\u00a0<a class=\"autolinkedURL autolinkedURL-url\" href=\"http:\/\/booking.com\/\" target=\"_blank\" rel=\"noopener nofollow\">Booking.com<\/a>\u00a0template, while 64% deliver RATs (Remote Access Trojans) and 47% distribute information stealers. XWorm RAT accounts for 53% of the total threat activity reports in these campaigns.<\/span><\/p>\n<h2 id=\"heading-targeted-industries\" class=\"permalink-heading\"><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Targeted Industries<\/span><\/h2>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">According to statistics from EasyDMARC, the most targeted industries in 2024 include:<\/span><\/p>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Software and IT services<\/strong>: 26% of phishing attacks<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Education<\/strong>: 8.62%<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Financial services<\/strong>: 6.13%<\/span><\/li>\n<\/ul>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">The IT industry faces greater risks due to its critical role in infrastructure and access to valuable data.<\/span><\/p>\n<h2 id=\"heading-comprehensive-prevention-measures\" class=\"permalink-heading\"><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Comprehensive Prevention Measures<\/span><\/h2>\n<p id=\"heading-email-and-dns-authentication\" class=\"permalink-heading\"><span style=\"font-family: arial, helvetica, sans-serif\"><strong><span style=\"font-size: 12pt\">Email and DNS Authentication<\/span><\/strong><\/span><\/p>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Implement email authentication protocols<\/strong>: Use SPF, DKIM, and DMARC to verify emails sent from your domain. DMARC allows email recipients to determine if the message is truly from the sender.<\/span><\/p>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Enable DNSSEC<\/strong>: DNS Security Extensions help prevent DNS spoofing attacks by verifying the integrity of DNS records.<\/span><\/p>\n<p id=\"heading-domain-monitoring\" class=\"permalink-heading\"><span style=\"font-family: arial, helvetica, sans-serif\"><strong><span style=\"font-size: 12pt\">Domain Monitoring<\/span><\/strong><\/span><\/p>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Monitor similar domains<\/strong>: Proactively register common typos, alternative TLDs, and homograph variations of your organization&#8217;s domain. Use domain monitoring tools or threat intelligence feeds to detect new registrations similar to your domain.<\/span><\/p>\n<p id=\"heading-education-and-training\" class=\"permalink-heading\"><span style=\"font-family: arial, helvetica, sans-serif\"><strong><span style=\"font-size: 12pt\">Education and Training<\/span><\/strong><\/span><\/p>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>User awareness training<\/strong>: Conduct regular training sessions for employees to help them recognize phishing attempts and other spoofing tactics. Train users to identify suspicious emails, including poor grammar, urgent requests for sensitive information, or unfamiliar sender\u00a0addresses. <\/span><\/p>\n<h2><span style=\"font-family: arial, helvetica, sans-serif;font-size: 12pt\"><strong>Technology Solution<\/strong><\/span><\/h2>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Implement advanced email filtering<\/strong>: Use advanced email filtering solutions to detect and block phishing emails, especially those attempting to spoof domains. Anti-phishing tools leverage machine learning and real-time threat intelligence to analyze email content, sender reputation, and embedded links.<\/span><\/p>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Use dedicated security tools<\/strong>: Specialized software and hardware like email security gateways and advanced threat protection software perform incoming message analysis to identify anomalies and block suspicious spoofed messages.<\/span><\/p>\n<p id=\"heading-testing-and-monitoring\" class=\"permalink-heading\"><span style=\"font-family: arial, helvetica, sans-serif\"><strong><span style=\"font-size: 12pt\">Testing and Monitoring<\/span><\/strong><\/span><\/p>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Conduct regular security assessments<\/strong>: Provide periodic evaluations of security posture through comprehensive assessments, including reviews of email system vulnerabilities, security protocol evaluations, and continuous adherence to best practices.<\/span><\/p>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Continuous monitoring<\/strong>: Regularly monitor your domain registrations and DNS records to detect unauthorized changes. Periodic checks of these records can quickly alert you to potential security breaches before they become actual spoofing incidents.<\/span><\/p>\n<p id=\"heading-browser-configuration\" class=\"permalink-heading\"><span style=\"font-family: arial, helvetica, sans-serif\"><strong><span style=\"font-size: 12pt\">Browser Configuration<\/span><\/strong><\/span><\/p>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Enable Punycode display<\/strong>: For Firefox users, type &#8220;about:config&#8221; in the address bar, search for &#8220;network.IDN_show_puny_code,&#8221; and set the value to true to display Punycode instead of ASCII. Chrome has addressed this issue since version 58.<\/span><\/p>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Use a password manager<\/strong>: If you are on a Unicode domain, the password manager will not be fooled and will not fill in login information in the fields. When this happens, it is a major warning sign about the site you are visiting.<\/span><\/p>\n<h2 id=\"heading-conclusion\" class=\"permalink-heading\"><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Conclusion<\/span><\/h2>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Homoglyph attacks using Unicode characters like &#8220;\u3093&#8221; represent an increasingly sophisticated threat in the current phishing landscape. With the rise of AI and new obfuscation techniques, defense requires a multi-layered approach combining technology, education, and continuous monitoring.<\/span><\/p>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">These incidents serve as a reminder that attackers will continue to find creative ways to exploit typography for social engineering. Visually checking URLs is no longer reliable enough, requiring organizations to invest in comprehensive security solutions and raise awareness of these new threats.<\/span><\/p>\n<hr \/>\n<h2 id=\"heading-references\" class=\"permalink-heading\"><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">References<\/span><\/h2>\n<ol>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/bookingcom-phishing-campaign-uses-sneaky-character-to-trick-you\/\" target=\"_blank\" rel=\"noopener nofollow\">BleepingComputer: Booking.com phishing campaign uses sneaky &#8216;\u3093&#8217; character to trick you<\/a><\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><a href=\"https:\/\/www.meshsecurity.io\/blog\/homoglyph-attacks-understanding-and-mitigating-the-threat\" target=\"_blank\" rel=\"noopener nofollow\">Mesh Security: Homoglyph Email Attacks: Understanding and Mitigating the Threat<\/a><\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/phishing-fake-bookingcom-emails\/\" target=\"_blank\" rel=\"noopener nofollow\">Infosecurity Magazine: Phishing Campaign Uses Fake Booking.com Emails to Deliver Malware<\/a><\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><a href=\"https:\/\/cofense.com\/blog\/clickfix-campaign-spoofs-booking-com-for-malware-delivery\" target=\"_blank\" rel=\"noopener nofollow\">Cofense: ClickFix Campaign Spoofs Booking.com for Malware Delivery<\/a><\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><a href=\"https:\/\/deepstrike.io\/blog\/Phishing-Statistics-2025\" target=\"_blank\" rel=\"noopener nofollow\">Deepstrike: Phishing Statistics 2025: AI, Behavior &amp; $4.88M Breach Costs<\/a><\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><a href=\"https:\/\/easydmarc.com\/blog\/phishing-statistics\/\" target=\"_blank\" rel=\"noopener nofollow\">EasyDMARC: Global Phishing Statistics, Trends, and Insights<\/a><\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><a href=\"https:\/\/www.sentinelone.com\/cybersecurity-101\/threat-intelligence\/domain-spoofing\/\" target=\"_blank\" rel=\"noopener nofollow\">SentinelOne: Domain Spoofing: Definition, Impact, and Prevention<\/a><\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><a href=\"https:\/\/www.cycognito.com\/learn\/drps\/spoofed-domains.php\" target=\"_blank\" rel=\"noopener nofollow\">CyCognito: How Domain Spoofing Works and 8 Ways to Prevent It<\/a><\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><a href=\"https:\/\/www.techmagic.co\/blog\/blog-phishing-attack-statistics\" target=\"_blank\" rel=\"noopener nofollow\">TechMagic: Phishing Statistics in 2025: The Ultimate Insight<\/a><\/span><\/li>\n<\/ol>\n<table style=\"border-collapse: collapse;width: 100%;height: 24px\">\n<tbody>\n<tr style=\"height: 24px\">\n<td style=\"width: 100%;height: 24px\"><span style=\"font-family: arial, helvetica, sans-serif\"><strong>Exclusive article by FPT IS Technology Experts<\/strong><\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif\"><em>Dinh Van Manh \u2013 FPT IS Cyber Security Center<\/em><\/span><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"author":21,"featured_media":22978,"parent":0,"template":"","nang_luc":[790,821],"danh_muc_goc_nhin_so":[789],"dich_vu":[859,712],"linh_vuc":[],"platform":[],"san_pham":[],"the_goc_nhin_so":[],"class_list":["post-22972","goc_nhin_so","type-goc_nhin_so","status-publish","has-post-thumbnail","hentry","nang_luc-experts-sharing","nang_luc-security","danh_muc_goc_nhin_so-expert-sharing","dich_vu-public-sector-news","dich_vu-security"],"acf":[],"_links":{"self":[{"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/goc_nhin_so\/22972","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/goc_nhin_so"}],"about":[{"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/types\/goc_nhin_so"}],"author":[{"embeddable":true,"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/users\/21"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/media\/22978"}],"wp:attachment":[{"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/media?parent=22972"}],"wp:term":[{"taxonomy":"nang_luc","embeddable":true,"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/nang_luc?post=22972"},{"taxonomy":"danh_muc_goc_nhin_so","embeddable":true,"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/danh_muc_goc_nhin_so?post=22972"},{"taxonomy":"dich_vu","embeddable":true,"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/dich_vu?post=22972"},{"taxonomy":"linh_vuc","embeddable":true,"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/linh_vuc?post=22972"},{"taxonomy":"platform","embeddable":true,"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/platform?post=22972"},{"taxonomy":"san_pham","embeddable":true,"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/san_pham?post=22972"},{"taxonomy":"the_goc_nhin_so","embeddable":true,"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/the_goc_nhin_so?post=22972"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}