Punycode (IDN) Attacks
Preventing "Homograph Attacks" where foreign characters are used to mimic legitimate domains.
International Domain Names (IDNs) allow non-English characters in URLs. Attackers exploit this by mixing scripts (like Cyrillic or Greek) to create domains that look indistinguishable from the real ones to the human eye.
Can you spot the difference?
Legitimate (ASCII)
Malicious (Cyrillic 'a')
To a computer, the second one is actually xn--ppl-0hdb.com. This is Punycode.
How Arx Protects You
Script Mixing Detection
We flag domains that mix characters from different language scripts (e.g., Latin mixed with Cyrillic) within a single label, a primary indicator of fraud.
Punycode Decoding
Arx automatically translates xn-- domains back to their unicode representation to inspect them for similarities against your protected brands.
Visual Comparison
We render the domain's visual appearance and compare it pixel-by-pixel against known safe lists to catch even the most subtle homoglyphs.
Why Browsers Don't Catch This
Modern browsers have some built-in defenses, but they often prioritize user experience and language support over strict security. If a user's system language is set to Russian, a Cyrillic domain might not display the `xn--` prefix. Arx enforces strict security policies regardless of browser locale settings.