PLATFORM GENERATORS

Homoglyph Detector & Replacer — Unicode Security Tool

Detect and replace unicode homoglyph characters that impersonate Latin letters. Essential security tool for identifying phishing attempts, domain spoofing, and text manipulation.

Homoglyph Detector & Replacer Security Tool

Detect unicode characters that impersonate Latin letters — a common technique in phishing, spoofing, and domain impersonation attacks.

Total chars
Homoglyphs found
Unique types
Risk level
Detection results appear here. Suspicious characters will be highlighted red.
Run detection first
Click "Replace All" to see clean text.
Run detection to see codepoint analysis.
OVERVIEW

Homoglyph Detector & Replacer

Detect unicode homoglyph characters that impersonate Latin letters — a critical security tool for identifying phishing, spoofing, and impersonation attacks. Homoglyphs exploit writing system characters that look identical to regular Latin characters but possess completely different Unicode code points.

Common Attack Examples

Homoglyph impersonation is frequently used in phishing attacks and domain spoofing. Below are common examples of how lookalike characters are used to deceive users:

Deceptive String Looks Like Danger Category
payраl.com (Cyrillic 'р' and 'а') paypal.com Phishing Attack
аррӏе.com (Cyrillic 'а', 'р', 'ӏ') apple.com Domain Spoofing
g00gle.com (using number '0') google.com Typosquatting

What Are Homoglyphs?

Homoglyphs are characters that appear identical or nearly identical to other characters from a different writing system or alphabet. Attackers exploit this visual similarity for:

  • Phishing Emails — spoofed sender addresses that bypass visual inspections.
  • Domain Impersonation — fake websites targeting login credentials and banking portals.
  • Social Engineering — misleading messages, URLs, or product names.
  • Code Injection — introducing hidden lookalike characters inside software identifiers to cause compiler or execution errors.

Detection & Protection

Key Detection Categories

  • Cyrillic — Russian letters mimicking Latin letters (e.g., а, е, о, р, с, х, у).
  • Greek — Greek letters visually identical to Latin counterparts (e.g., α, β, γ, ε, ο, π).
  • Mathematical — Unicode mathematical symbols replacing standard styling (e.g., 𝔸, 𝔹, ℂ).
  • Invisible — Zero-width spaces, zero-width joiners, and BOM bytes that hide inside plain text.

How to Protect Yourself

  1. Always paste suspicious URLs, emails, or domain names into this detector.
  2. Audit email sender addresses character by character if links seem off.
  3. Use the Replace All function to automatically convert suspicious lookalikes into safe Latin equivalents.
  4. Enable the Hex/Codepoint Analysis tab to inspect the raw hexadecimal codepoint IDs of every character.

FAQs

What is a homoglyph attack?

A homoglyph attack uses unicode characters that look identical or very similar to Latin letters to deceive. For example, Cyrillic 'а' (U+0430) looks identical to Latin 'a' but is a different character. Attackers use this for phishing, domain spoofing, and social engineering.

What characters are detected?

The detector identifies Cyrillic lookalikes (а, е, о, р, с, х, у), Greek lookalikes (α, β, γ), mathematical Unicode (𝔸, 𝔹), and invisible characters like Zero Width Space (U+200B) and Zero Width Joiner (U+200D).

What's the risk level?

High risk: Cyrillic and Greek homoglyphs used in domains and emails. Medium risk: Mathematical Unicode in normal text. Invisible characters are always high risk as they're hidden.

How do I use this tool?

Paste any text, URL, email, or domain name and click 'Detect' to find homoglyphs. Click 'Replace All' to get clean text with homoglyphs converted to Latin equivalents. Use sample buttons to see example attacks.

Can I export results?

Yes! Copy the clean text after running 'Replace All'. The Hex/codepoint tab shows detailed Unicode analysis for each character.