Knowing could save your life.
Do you see it?
Other urls found in this thread:
google.com
schneier.com
addons.mozilla.org
chrome.google.com
wiki.mozilla.org
xudongz.com
en.wikipedia.org
twitter.com
What are the dots below the Ns
Good catch. It is a phishing address using special characters instead of N's.
>Knowing could save your life.
I like to live dangerously.
why would you even click a link
just bookmark the right one
I didn't know that the .com domain allowed use of special characters. I know this is true for a number of national domains.
that shits crazy bruh
i thought there was something on my screen, kek.
thanks for posting, OP
They fucking shouldn't.
Seriously, what good can come of this????
Nothing.
No keyboards type that shit, you've gotta use hotkeys or fucking special keyboards. Its only good for tricking people.
sneaky fucks
exactly this
i just type shit directly in the address bar, you can't mess up something as simple as "binance" if you're not retarded
Google auth + using a diffrent password for each websites should save you even you run across this. (also write google auth backup key)
But yeah it's good to know.
??? please explain
How do these links even appear ? I just put in binance, bitfinex, bittrex etc in the browser and the correct result is always first.
Well, in a panic move you could mess up two characters and land on phishing website hosted by this domain.
if you click a url shortener like those on twatter you don't need to type special chars
google.com
search link related to pic related.
>he just learned that a lot of corporations use Masonic symbolism
welcome to real life.
to all you retards being scared of getting keylogged: BOOKMARK THE SITE
Yes.... but in this case it is just a technique to further obfuscate the URL.
Infosec fag here.
Homographic/IDN/Punycode attacks have been around for more than a decade.
schneier.com
they have become more viable because all modern browsers support IDN and are therefore "vulnerable"(it's almost unfixable btw as there are several languages where those characters have a legitimate use)
best browsers can do is display a warning that the URL contains non ASCII chars especially if it's composed of chars from two different alphabets as that would be a fairly reliable indicator that something phishy(pun intended) is going on
there are a few browser extensions that would alert you if you were to visit an URL employing this kind of attack:
addons.mozilla.org
chrome.google.com
to be fair browsers already do try to protect users in various ways
wiki.mozilla.org
it's HTTPS and has a certificate so it's safe
You're welcome. Congratulations on taking your first little redpill. But that's just a thin layer of snow on the tip of the iceberg. If you think you're in "real life" or have any deep knowledge about freemasonry, thanks to just simply knowing about that; then you're mistaken.
And if we take freemasonry as an isolated thing; for example, do you know about the relevance of Akhenaton in relation to freemasonry? No? Didn't think so.
in a panic you could type that weird fucking cyrillic n instead of a regular n? stfu retard
HOLY SHIIIIT
>linkie
>searches for gay porn
why does this not surprise me?
...
its an ancient meme you absolute newfag
...
>nolinker
>is a newfag
why does this not surprise me?
>saving the thumbnail
fucking redditors
Fuck me thanks for the heads up.
Post the link so I can see how this looks in my browser.
>stale meme
>still gay
congratulations
>reddit
GET OFF MY BOAAAAAAAARD
Also, NEVER access your accounts at work. Many employers use keyloggers amoung other spy tools on their employees.
that's what smartphones are for dude
Why would you ever click on a link to an exchange? Is it really that hard to type out 'binance.com'
use a password manager that puts in the credentials for you, also keeps you from falling for phishing scams because the websites won't match up.
How does the phishing website get through 2fa?
It also takes me like 20 tries to get through binance's retarded ass bot detector. I wonder if phishing websites replicate that.
bro dont underestimate how much time pajeets have on their hands, once you put your 2fa seconds later there is a pajeet putting it in to get through
you log in on the fake site
the fake site asks you for your auth code (at this point a bot is already logged into your real account)
you input the code (the bot uses it to access your real account instantly)
your shit is now gone
But you have reenter the 2fa for each withdraw...
I just type URLs. Dont even trust bookmarks because maybe there is some attack vector whereby some malware is able to change bookmarks.
would it help at all to enter your auth code right as it is about to expire?
lol western morons are just paranoid cowards. I don't give a shit about hackers. I use same passowrd 1q2w3e4r5t everywhere, I don't use antivirus, I download any shit from torrents etc nothing happened. nothing will happen. to get hacked is similar to get shot randomly on street. 1 in 100000000. whole generation of westerners turned full pussified faggots
t. pajeet with $83 total worth
You still have to confirm withdrawal with email.
I don't get it how some people get hacked.
You really have to be a fucking retard.
Even if you give someone your username, password and 2fa seed, they can't do sheet if they don't have access to your email.
Oh no! I accidentally typed these crazy ns with dots below them. Now all muh LINK is gone!
shit i think i've been scammed, the binance url i went to has a weird dot above the i
He means you could go to an address because of a typo that redirects you to this phising binance site that looks closer to normal and youre less likely to notice. Stupid nigger.
What's the point when 2fa exists
en.wikipedia.org
Chrome and Mozilla devs refuse to fix this vulnerability because they think Arabic, Chinese, Cyrillic, Tamil, Hebrew and Latin alphabet-based characters should be allowed in URLs.
Even micropoo fixed this in edge.
hrrhrrrrr :Dddxdd
Unicode was a mistake. We'd have been better off just nuking any country that refused to switch to the Latin alphabet.
How can you do this?
>There are people in crypto who log onto their accounts with their phones
I shiggy diggy
whos mad enough to hold crypto on an exchange?
what is two factor? what is encoded private key? what sms confirmation, what is life
>mfw I only use the app
bookmark it the first time. done.
fuck off this is fake as fuck. no special characters for domains ass hat.
Also has zero fees. Get in or stay poor
>reddit
did you do this on purpose?
if you did then 10/10 otherwise get off my board redditfag
also trippps
Impressive that they got a certificate authority to sign off on that one.
biṇaṇce.com for anyone who wants to visit it! And also, at least firefox pops up a big warning page.
And authorize it through email.
You can get SSL certificates for free without giving any details
Why not just use a cyrillic "a" instead of a latin "a"?
Are those two "a" different?
no
why the fuck do browsers even do this? I thought URLs could only be letters numbers and dashes?
Thank god there's unicode. What would we do without oͨͭ̇ͧ͐̋ͯu̖̹̩͈̣͓̓ͪ̇ͮr̙̗̘̘͎̟̝͑̃̂ͯ̏̍͂͜ ̰̬͕͕̯ͬͪ̾͒̌͗ͦb̞͈̖ͩͭͨͮͅė̞̻̬͕͚͂ͬ̈́̈l̟͉͔͊̈̄̚͡o̜ͯ̚v̘͕̩͙͇̹̩̉̕e̞̬͛̄͆̉͝ḏ͉͐̓̂̍ ͚̤̜͔̗̎ͦã̂̈͝n̜͕̖̤͚̿d̘͍̯͑̇̄̀ ̯̖̠̘̊l̟͇̋̈̓̿o̻̙̪͓͎̪̰̓ͮͭ͊ạ̩̙ͫ́t̳̦̞̤͎̜̐́̓͌h͇̩̭͚̜e̦̟͈͔̬̫͈̓̏̐̈d̩͙̜̋͐̌ͫ͂̋̄ ̨͉̖u̦͚͚ͣ͗̊n̜̣̯̝̹͖̪ͬͫͯ̾͗i̖͕͍͈̰̗̔̏̉̒͐c̥̻̱͋ͣ̃o̱̝ͯ͗d̓̀̽͆̆̚é̸̫̗̫̞̯̄͌ ̘͕̼̮͉̍̋͋ͪ̏́̚ḫ̥̣̻̳͐ͩ̚ě͎̹̬̺̝͈̪ͬͭ̃̑ͦ#̧͈̖͕̭̏̑ͣ̎̑s͉͐ͧ̈́ͪͤ ̗̼̝̰̞̳̝̊ͮ͛̆̽̐ć̛̭̫͕͐͆͒͆o̩̳̞̞̾̇̔ͦ͋̚m͇̳̹̭ͦͧ͠i̧ṉ̛̳̻ͤg͔̱̩̮̤͆̈́͐͊̈́̎̇ ̞̆̐̿͟t̟̝͛ͪh̝̫̠͇̬͒r͗̒o̩͖͉̮̓ͩͪ͂u̩͉̘͕͈̼͔g̱̪ͪ͌ͭ̍̚h̺̱̦̤͈͑̓̓ͬ͌̍̕ ͨ̒ͭ͢t̴͎̫̳͚̻͇ͤ́̚ḫ̯͉̼̜͓̍̀ě̢͇̭̩ͮ͐ ̘͊̍̄w̮͕͇͇̖̻͊̎̄ä̌ľ̜͇̜̳͕̋̊̓̾̽l̰̬ͧs̶͍͔̥̣̆́̏ͤ ͕̞͎͎̙͗́ͯ̒͑͆͢Z̠̝̬͘Ă͙̬̱͙̩͇͂̐̈́̈L̥͔͈͓̞̓̔͠G̠̫̺̘͗Oͣ͋̈́