This can make it very tricky to differentiate between a legitimate and fake URL, since these links may look almost exactly like the real thing at first glance.
In this scam method, punycode is what Fraudsters can use to replace “regular” characters in a URL with a different, similar character, directing clients to a phishing site. However, even the most eagle-eyed recipient may fall for the use of Punycode to disguise phishing URLs, making them look like legitimate domains. With the increase in scam SMS messages (“smishing” messages) sent to Canadians targeting their bank accounts, clients must exercise caution when clicking on URLs sent to them. Realistic Looking URLs from Fake RBC Text Messages