Paste any text, URL, domain, or username to check for lookalike characters
Ready to scan
Paste text and click Scan to detect homoglyphs// detect visually confusable unicode characters
Detect homoglyphs and visually confusable Unicode characters used in phishing, spoofing, and IDN homograph attacks. Free browser-based tool.
Ready to scan
Paste text and click Scan to detect homoglyphsEnter any suspicious text, URL, domain name, username, or email address in the input box.
The tool instantly analyzes each character against a database of known Unicode confusables and homoglyphs.
Suspicious characters are highlighted with their Unicode code point and ASCII equivalent shown in the table below.
A homoglyph is a character that looks visually identical or very similar to another character. Attackers exploit this to create fake domains like pаypal.com (with a Cyrillic 'а') that look exactly like paypal.com. This tool scans text for such substitutions and flags them.
A homoglyph attack (also called an IDN homograph attack) is when an attacker registers a domain or creates a username using characters from other alphabets that look identical to standard Latin letters. For example, the Cyrillic letter "а" (U+0430) looks identical to the Latin "a" (U+0061) but is a completely different character, allowing attackers to create convincing fake domains.
The most common scripts used in homoglyph attacks are Cyrillic (Russian alphabet), Greek, Armenian, and various Latin extended sets. Characters from these scripts often have near-identical visual representations to basic Latin characters, making them ideal for spoofing English domain names and text.
Always check the full URL in your browser's address bar, look for HTTPS and valid certificates, use this tool to scan suspicious domains or usernames, and enable IDN filtering in your browser or security software. Many modern browsers now display the punycode version of IDN domains to help users identify potential spoofing attempts.
This tool covers a comprehensive database of known Unicode confusables as defined by the Unicode Consortium's confusables.txt specification, covering thousands of character pairs across dozens of scripts. However, visual similarity is subjective and rendering can vary by font — this tool should be used as one layer of security, not the only check.
When homoglyphs are detected, the tool attempts to replace each suspicious character with its closest ASCII equivalent. For example, the Cyrillic "о" would be replaced with the Latin "o". This gives you a normalized version of the text that shows what the string is likely trying to impersonate.
Yes, absolutely. Email spoofing via homoglyphs is a real threat — attackers send emails from addresses like "support@аpple.com" (Cyrillic а) that look legitimate. Paste the full email address into the scanner to detect any suspicious characters in both the local part and domain.
A homoglyph detector is a security tool that scans text for characters that look visually identical or nearly identical to other characters but have different Unicode code points. These lookalike characters — called homoglyphs or Unicode confusables — are frequently used in phishing campaigns, domain spoofing, and social engineering attacks to deceive users into thinking they're interacting with a legitimate brand or service.
Our free online homoglyph detector checks every character in your input against a comprehensive database of known Unicode confusables, derived from the official Unicode Consortium specification. Each suspicious character is flagged with its Unicode code point, its script origin (e.g., Cyrillic, Greek, Armenian), and its closest ASCII equivalent — giving you the full picture of any potential spoofing attempt.
💡 Looking for premium web development assets? MonsterONE offers unlimited downloads of templates, UI kits, and security-focused themes — worth checking out.
Unicode contains over 140,000 characters from hundreds of scripts and symbol sets. Many of these characters are visually indistinguishable from standard ASCII Latin characters when rendered in common fonts. For example:
An attacker can register the domain pаypal.com — where the "а" is Cyrillic — and most users will never notice the difference. When they click a link to this domain and are asked for their login credentials, they hand them directly to the attacker. This type of attack is known as an IDN homograph attack (Internationalized Domain Name homograph attack).
The Unicode Consortium maintains an official document called confusables.txt as part of Unicode Technical Report #39 (UTR #39) — the Unicode Security Mechanisms specification. This document catalogs thousands of character pairs that are known to be visually confusable, providing a standardized reference for security tools like this detector.
Our tool uses this database as its foundation, supplemented with additional common lookalike patterns observed in real-world phishing campaigns. Characters are categorized by their script of origin, risk level, and the ASCII character they most closely resemble.
Cyrillic Script: The most frequently abused script in IDN homograph attacks targeting English-language brands. The Cyrillic alphabet, used for Russian, Ukrainian, Bulgarian, and other languages, contains numerous characters that are visually identical to Latin letters: а, е, о, р, с, х, у, and more.
Greek Script: The Greek alphabet also contains several characters visually similar to Latin ones, particularly vowels like α (alpha), ο (omicron), and υ (upsilon), as well as consonants like ν (nu) and χ (chi).
Latin Extended: Even within the Latin script family, there are hundreds of diacritical variations and extended characters that can resemble basic ASCII. Characters with subtle diacritics like ȧ, ė, or ọ can be difficult to distinguish from plain a, e, o in many fonts and display sizes.
Other Scripts: Armenian, Cherokee, and various other Unicode scripts also contribute confusable characters, though these are less commonly exploited than Cyrillic and Greek.
Homoglyph attacks are not theoretical — they are actively used in the wild. Security researchers have documented campaigns targeting major banks, payment processors, social media platforms, and cloud services. Common targets include PayPal, Apple, Microsoft, Google, Amazon, and banking institutions, as these are high-value phishing targets with large user bases.
In 2017, a notable demonstration showed that аpple.com (with Cyrillic а) could be registered as a valid domain and would appear identical to apple.com in most browsers. This led to browser vendors implementing stricter IDN display policies, but the underlying threat remains active in email, chat messages, and other contexts where raw URLs are displayed.
Using the tool is simple: paste any text you want to check into the input field and click the Scan button. The tool will instantly analyze every character and produce a visual character map where suspicious characters are highlighted in red. Below the map, you'll see a table of every flagged character showing its glyph, Unicode code point, script name, and the ASCII character it resembles.
The tool also produces a clean ASCII equivalent — a normalized version of your input where all homoglyphs have been replaced with their ASCII lookalikes. This makes it immediately clear what a suspicious string is trying to impersonate: pаypal.com becomes paypal.com.
For developers and security teams, homoglyph detection should be integrated into user-input validation pipelines, especially for username registration, domain input, and any field where impersonation is a concern. Consider normalizing all user-submitted text to Unicode NFC form and checking against a confusables list before storing or displaying it.
For end users, the best protection is skepticism toward unexpected links, especially in emails and chat messages. Hover over links to inspect the URL, look for HTTPS, and when in doubt, navigate directly to the intended website by typing the address yourself rather than clicking a link.