Pop quiz: can you tell the difference between these 2 domains?
Both host a version of the popular crypto exchange Binance .
The second image is the correct one, the first one is a phishing link with the letter ’n’ replaced by ‘n with a dot below it ’ (U+1E47). It’s not a piece of dirt on your screen, it’s an attempt to trick you to believe it’s the official site.
Firefox has a very interesting option called IDN_show_punycode. You can enable it in about:config`.
Once enabled, it’ll make that phishing domain look like this:
Doesn’t look that legit now anymore, does it?
I wish Chrome offered a similar option though, could prevent quite a few phishing attempts.