A number of phishing sites have been discovered on domains hosting emojis.

Emoji domains are a new type of website address. Rather than use www.xxxx.com or similar, the emoji domain displays something like ☺.com, ☺.net, ☹.com and so on.

Emoji domains are relatively new but they aim to inject new life into the URL business.

However, phishing fraudsters are using emoji domains for less innocent purposes. They are attempting to lure people who are interested in emojis into visiting domains that could actually be malicious phishing sites.

At the moment this appears to be an exploratory tactic by fraudsters to see whether these new domains can be used to make their phishing campaigns more effective.

This new attack vector can be compared to traditional phishing techniques in which email attachments or messages that pose as legitimate organisations are used to extract personal information.

  • Given the popularity of emojis among younger people, this group is believed to be the target group.
  • While there is no evidence yet to support this, it could be that fraudsters will use SMS messages to lure people into visiting emoji domains, given the ‘must-have’ popularity of smartphones.
  • As things stand, it's best to view emoji domains with a degree of suspicion.

Further, a mobile security solution, such as BullGuard Mobile Security, should be used to identify and detect suspicious and malicious URLs used in phishing attacks.