Homograph attacks are not just an issue for web browsers – they have been shown to cause headaches for users of mobile messaging apps, too.
Researchers at Blaze Security have demonstrated bugs against Signal, Telegram, and the Tor browser that might be used as part of social engineering attacks – pushing users towards hacker-controlled sites that host either malicious code, or a phishing attack aiming to hoodwink prospective marks into handing over their login details. Hackers typically mount a homograph attack by registering a domain containing non-ASCII characters that are visually similar to English characters.
Latin, Greek, and Cyrillic scripts share numerous characters that are difficult to distinguish apart visually, opening the door for hackers to register dodgy domains that impersonate real brands.
Source: Daily Swig