---
title: "The Homograph Phishing Attack: The Antidote to Awareness Training | Phish Protection"
description: "The Homograph Phishing Attack: The Antidote to Awareness Training: If you"
image: "https://phishprotection.com/og/blog/homograph-phishing-attack-antidote-awareness-training.png"
canonical: "https://phishprotection.com/blog/homograph-phishing-attack-antidote-awareness-training/"
---

Quick Answer

If you've ever taken \[phishing awareness training\](/blog/can-phishing-awareness-training-cause-more-harm-than-good/), you've most likely been taught to identify\[ domain name spoofing\](https://www.barracuda.com/glossary/domain-spoofing). \_Domain name spoofing is a phishing tactic where an attacker sends you an email from one domain\_, the attacker's domain, that looks almost identical to another domain, a domain you trust.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fhomograph-phishing-attack-antidote-awareness-training%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=The%20Homograph%20Phishing%20Attack%3A%20The%20Antidote%20to%20Awareness%20Training&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fhomograph-phishing-attack-antidote-awareness-training%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fhomograph-phishing-attack-antidote-awareness-training%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fhomograph-phishing-attack-antidote-awareness-training%2F&title=The%20Homograph%20Phishing%20Attack%3A%20The%20Antidote%20to%20Awareness%20Training "Share on Reddit") [ ](mailto:?subject=The%20Homograph%20Phishing%20Attack%3A%20The%20Antidote%20to%20Awareness%20Training&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fhomograph-phishing-attack-antidote-awareness-training%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2019/08/spear-phishing-prevention-7346.jpg) 

If you’ve ever taken [phishing awareness training](/blog/can-phishing-awareness-training-cause-more-harm-than-good/), you’ve most likely been taught to identify[ domain name spoofing](https://www.barracuda.com/glossary/domain-spoofing). _Domain name spoofing is a phishing tactic where an attacker sends you an email from one domain_, the attacker’s domain, that looks almost identical to another domain, a domain you trust.

The idea is that if the recipient of the email looks at the email address quickly, they may not notice the slight difference. Here’s an example of an email from a lady named Beth at Google: [beth@gooogle.com](mailto:beth@gooogle.com). Or is it? No, it’s a domain name spoof spelling Google with three Os.

Now, if you had **phishing awareness training** and you had your defenses up, there’s no way you’d be fooled by a domain name spoof like that. But, what if you received an email like this: beth@goоgle.com? Undoubtedly your defenses would be lowered. Congratulations, you just got phished with a domain name spoof. How is that possible?

![Spear phishing prevention](https://media.mailhop.org/phishprotection/images/2019/08/spear-phishing-prevention-7346.jpg) 

It’s called a[ homograph phishing attack](https://en.wikipedia.org/wiki/IDN%5Fhomograph%5Fattack) and it’s virtually impossible for users to spot on their own. How does a homograph phishing attack work? It exploits the fact that many different characters look alike. Those identical looking characters are called _homographs_. The problem is with how the characters are encoded using something called[ Unicode](https://en.wikipedia.org/wiki/Unicode).

According to Wikipedia, “Unicode incorporates numerous writing systems, and, for a number of reasons, similar-looking characters such as Greek Ο, Latin O, and Cyrillic О were not assigned the same code. So, the Latin “o” and the Cyrillic “o” have a different Unicode and are therefore different letters.” It also means domains with those two different Os are two different domains. And what you didn’t realize until just now, is that the second “o” in Google in the email you received from Beth is a Cyrillic “o”. So, it did not in fact come from someone at Google, the search engine people.

Domains using non-Latin letters are referred to as internationalized domain names (IDN) and are used quite frequently in homograph **phishing attacks**. Just last week a homograph phishing attack was used to[ domain spoof the Bank of Valletta](https://labs.bitdefender.com/2019/08/new-homograph-phishing-attack-impersonates-bank-of-valletta-leverages-valid-tls-certificate/) in Malta. What made it even harder to spot is that the email used a valid TLS certificate in the pop up window. That means it used the _HTTPS protocol, which is supposed to convey safety_.

![Spear phishing protection](https://media.mailhop.org/phishprotection/images/2019/08/spear-phishing-protection-3830.jpg) 

The homograph phishing attack is the perfect countermeasure to phishing awareness training. No matter how much training you’ve had and no matter how sensitive you are to phishing clues, there’s no way you can spot homograph phishing attack without the aid of technology.

The reason **anti-phishing technology** doesn’t get fooled by homograph attacks is that it doesn’t really care what the domain name looks like or what letters it contains or from what alphabets.[ Anti-phishing technology](/), with real-time link click protection, simply follows the link in the email to the website and inspects it to see if it’s legit or fake. And if it’s fake, then it’s a phishing email, no matter what the link look like.

When you’re ready to concede that phishing awareness training is no match for homograph phishing attacks, head on over to [PhishProtection.com](/) with[ Advanced Threat Defense](/products/advanced-threat-defense/) and get yourself protected from homograph attacks and every other kind of phishing attack. Try it free for 30 days.

## Topics

[ Phishing ](/tags/phishing/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Foundational 5m  0ktapus, Okta Breach Helps Attackers Launch Sophisticated Supply Chain Attacks  Sep 5, 2022 ](/blog/0ktapus-okta-breach-helps-attackers-launch-sophisticated-supply-chain-attacks/)[  Foundational 4m  13 Spear Phishing Attacks Examples To Justify Investment For Phishing Prevention Solutions In Your Organization  Aug 1, 2019 ](/blog/13-spear-phishing-attacks-examples-to-justify-investment-for-phishing-prevention-solutions-in-your-organization/)[  Foundational 4m  All 14 centers of Kettering Health were affected by a massive ransomware attack, Major outage in the Ohio medical center  May 23, 2025 ](/blog/14-centers-of-kettering-health-were-affected-by-massive-ransomware-attack-in-ohio-medical-center/)[  Foundational 4m  2021 Phishing Trends You Need To Be Wary Of  Aug 2, 2021 ](/blog/2021-phishing-trends-to-be-wary-of/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"The Homograph Phishing Attack: The Antidote to Awareness Training","description":"The Homograph Phishing Attack: The Antidote to Awareness Training: If you've ever taken phishing awareness training, you've most likely been taught to.","url":"https://phishprotection.com/blog/homograph-phishing-attack-antidote-awareness-training/","datePublished":"2019-08-14T17:58:04.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2019-08-14T17:58:04.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/homograph-phishing-attack-antidote-awareness-training/"},"articleSection":"foundational","keywords":"Phishing","wordCount":557,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2019/08/spear-phishing-prevention-7346.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://phishprotection.com/foundational/"},{"@type":"ListItem","position":4,"name":"The Homograph Phishing Attack: The Antidote to Awareness Training","item":"https://phishprotection.com/blog/homograph-phishing-attack-antidote-awareness-training/"}]}
```