Do you see it?

exactly this
i just type shit directly in the address bar, you can't mess up something as simple as "binance" if you're not retarded

Google auth + using a diffrent password for each websites should save you even you run across this. (also write google auth backup key)
But yeah it's good to know.

??? please explain

How do these links even appear ? I just put in binance, bitfinex, bittrex etc in the browser and the correct result is always first.

Well, in a panic move you could mess up two characters and land on phishing website hosted by this domain.

if you click a url shortener like those on twatter you don't need to type special chars

google.com/search?&tbm=isch&q=square and compass

search link related to pic related.

>he just learned that a lot of corporations use Masonic symbolism
welcome to real life.

to all you retards being scared of getting keylogged: BOOKMARK THE SITE

Yes.... but in this case it is just a technique to further obfuscate the URL.

Infosec fag here.
Homographic/IDN/Punycode attacks have been around for more than a decade.
schneier.com/blog/archives/2005/02/unicode_url_hac_1.html
they have become more viable because all modern browsers support IDN and are therefore "vulnerable"(it's almost unfixable btw as there are several languages where those characters have a legitimate use)
best browsers can do is display a warning that the URL contains non ASCII chars especially if it's composed of chars from two different alphabets as that would be a fairly reliable indicator that something phishy(pun intended) is going on
there are a few browser extensions that would alert you if you were to visit an URL employing this kind of attack:
addons.mozilla.org/en-US/firefox/addon/idn-safe/
chrome.google.com/webstore/detail/idn-safe/kegeenojcnijgmfgkcokknkbpmjcabdm
to be fair browsers already do try to protect users in various ways
wiki.mozilla.org/IDN_Display_Algorithm but covering every single case is difficult and they tend to sacrifice security for convenience xudongz.com/blog/2017/idn-phishing/ also firefox users can use the about:config panel to set the network.IDN_show_punycode flag to true

it's HTTPS and has a certificate so it's safe

You're welcome. Congratulations on taking your first little redpill. But that's just a thin layer of snow on the tip of the iceberg. If you think you're in "real life" or have any deep knowledge about freemasonry, thanks to just simply knowing about that; then you're mistaken.

And if we take freemasonry as an isolated thing; for example, do you know about the relevance of Akhenaton in relation to freemasonry? No? Didn't think so.

in a panic you could type that weird fucking cyrillic n instead of a regular n? stfu retard

HOLY SHIIIIT

>linkie
>searches for gay porn
why does this not surprise me?

...

its an ancient meme you absolute newfag

...

>nolinker
>is a newfag
why does this not surprise me?

>saving the thumbnail

fucking redditors

Fuck me thanks for the heads up.

Post the link so I can see how this looks in my browser.

>stale meme
>still gay
congratulations

>reddit
GET OFF MY BOAAAAAAAARD

Also, NEVER access your accounts at work. Many employers use keyloggers amoung other spy tools on their employees.

that's what smartphones are for dude

Why would you ever click on a link to an exchange? Is it really that hard to type out 'binance.com'

use a password manager that puts in the credentials for you, also keeps you from falling for phishing scams because the websites won't match up.

How does the phishing website get through 2fa?

It also takes me like 20 tries to get through binance's retarded ass bot detector. I wonder if phishing websites replicate that.

bro dont underestimate how much time pajeets have on their hands, once you put your 2fa seconds later there is a pajeet putting it in to get through

you log in on the fake site
the fake site asks you for your auth code (at this point a bot is already logged into your real account)
you input the code (the bot uses it to access your real account instantly)
your shit is now gone

But you have reenter the 2fa for each withdraw...

I just type URLs. Dont even trust bookmarks because maybe there is some attack vector whereby some malware is able to change bookmarks.

would it help at all to enter your auth code right as it is about to expire?

lol western morons are just paranoid cowards. I don't give a shit about hackers. I use same passowrd 1q2w3e4r5t everywhere, I don't use antivirus, I download any shit from torrents etc nothing happened. nothing will happen. to get hacked is similar to get shot randomly on street. 1 in 100000000. whole generation of westerners turned full pussified faggots

t. pajeet with $83 total worth

You still have to confirm withdrawal with email.

I don't get it how some people get hacked.
You really have to be a fucking retard.
Even if you give someone your username, password and 2fa seed, they can't do sheet if they don't have access to your email.

Oh no! I accidentally typed these crazy ns with dots below them. Now all muh LINK is gone!

shit i think i've been scammed, the binance url i went to has a weird dot above the i

He means you could go to an address because of a typo that redirects you to this phising binance site that looks closer to normal and youre less likely to notice. Stupid nigger.

What's the point when 2fa exists

en.wikipedia.org/wiki/IDN_homograph_attack

Chrome and Mozilla devs refuse to fix this vulnerability because they think Arabic, Chinese, Cyrillic, Tamil, Hebrew and Latin alphabet-based characters should be allowed in URLs.

Even micropoo fixed this in edge.

hrrhrrrrr :Dddxdd

Unicode was a mistake. We'd have been better off just nuking any country that refused to switch to the Latin alphabet.

How can you do this?

>There are people in crypto who log onto their accounts with their phones
I shiggy diggy

whos mad enough to hold crypto on an exchange?

what is two factor? what is encoded private key? what sms confirmation, what is life

>mfw I only use the app

bookmark it the first time. done.

fuck off this is fake as fuck. no special characters for domains ass hat.

Also has zero fees. Get in or stay poor

>reddit
did you do this on purpose?
if you did then 10/10 otherwise get off my board redditfag

also trippps

Impressive that they got a certificate authority to sign off on that one.

biṇaṇce.com for anyone who wants to visit it! And also, at least firefox pops up a big warning page.

And authorize it through email.

You can get SSL certificates for free without giving any details

Why not just use a cyrillic "a" instead of a latin "a"?

Are those two "a" different?

no

why the fuck do browsers even do this? I thought URLs could only be letters numbers and dashes?

Thank god there's unicode. What would we do without oͨͭ̇ͧ͐̋ͯu̖̹̩͈̣͓̓ͪ̇ͮr̙̗̘̘͎̟̝͑̃̂ͯ̏̍͂͜ ̰̬͕͕̯ͬͪ̾͒̌͗ͦb̞͈̖ͩͭͨͮͅė̞̻̬͕͚͂ͬ̈́̈l̟͉͔͊̈̄̚͡o̜ͯ̚v̘͕̩͙͇̹̩̉̕e̞̬͛̄͆̉͝ḏ͉͐̓̂̍ ͚̤̜͔̗̎ͦã̂̈͝n̜͕̖̤͚̿d̘͍̯͑̇̄̀ ̯̖̠̘̊l̟͇̋̈̓̿o̻̙̪͓͎̪̰̓ͮͭ͊ạ̩̙ͫ́t̳̦̞̤͎̜̐́̓͌h͇̩̭͚̜e̦̟͈͔̬̫͈̓̏̐̈d̩͙̜̋͐̌ͫ͂̋̄ ̨͉̖u̦͚͚ͣ͗̊n̜̣̯̝̹͖̪ͬͫͯ̾͗i̖͕͍͈̰̗̔̏̉̒͐c̥̻̱͋ͣ̃o̱̝ͯ͗d̓̀̽͆̆̚é̸̫̗̫̞̯̄͌ ̘͕̼̮͉̍̋͋ͪ̏́̚ḫ̥̣̻̳͐ͩ̚ě͎̹̬̺̝͈̪ͬͭ̃̑ͦ#̧͈̖͕̭̏̑ͣ̎̑s͉͐ͧ̈́ͪͤ ̗̼̝̰̞̳̝̊ͮ͛̆̽̐ć̛̭̫͕͐͆͒͆o̩̳̞̞̾̇̔ͦ͋̚m͇̳̹̭ͦͧ͠i̧ṉ̛̳̻ͤg͔̱̩̮̤͆̈́͐͊̈́̎̇ ̞̆̐̿͟t̟̝͛ͪh̝̫̠͇̬͒r͗̒o̩͖͉̮̓ͩͪ͂u̩͉̘͕͈̼͔g̱̪ͪ͌ͭ̍̚h̺̱̦̤͈͑̓̓ͬ͌̍̕ ͨ̒ͭ͢t̴͎̫̳͚̻͇ͤ́̚ḫ̯͉̼̜͓̍̀ě̢͇̭̩ͮ͐ ̘͊̍̄w̮͕͇͇̖̻͊̎̄ä̌ľ̜͇̜̳͕̋̊̓̾̽l̰̬ͧs̶͍͔̥̣̆́̏ͤ ͕̞͎͎̙͗́ͯ̒͑͆͢Z̠̝̬͘Ă͙̬̱͙̩͇͂̐̈́̈L̥͔͈͓̞̓̔͠G̠̫̺̘͗Oͣ͋̈́