A new hoax from alleged scammers pretending to be Mango promises people free airline tickets in exchange for sharing a “promotion” with 20 people.
The following “promotional message” is being shared on WhatsApp:
*Mango Airlines is giving away 2 Free tickets Per family to celebrate its 15th Anniversary* . Get your free tickets at: http://www.flyṃango.com/free-tickets/.
Upon clicking the link, you are redirected to http://2018deals.life/tickets/?p, and then to asda-free.com.
MyBroadband forum members noted that the scam appears to use an IDN homograph attack, an exploit in Punycode when non-Latin characters are used in URLs.
Security researcher Xudong Zheng demonstrated this exploit last year.
In the case of the Mango hoax, there is a small dot under the “m” in the URL. In Punycode, it would be written as: http://www.xn--flyango-u03c.com/free-tickets/.
Zheng said Firefox users can set the browser to always display non-Latin URLs in Punycode by going to “about:config” and setting “network.IDN_show_punycode” to true.
Chrome fixed the issue in version 59 of the browser.
Mango has confirmed that the promotion is a hoax and said it is working to shut it down.