So by now most people would have seen the news from ICANN that International Domain Names (IDNs) will support non-Latin characters including Mandarin, Arabic, Hindi and Cyrillic. ICANN is also discussing Generic top-level domains (such as .com and .org) which will eventually be expanded from its current list of 21 to include almost any word, in almost any language.
Peter Wood, Member of the ISACA Conference Committee and founder of First Base Technologies believes that this could lead to a significant increase in phishing attacks, with attempts to confuse users by replacing conventional web addresses and Top Level Domains with non-Latin scripts.” Glyphs representing certain characters from different scripts might appear similar or even identical. For example, in many fonts, Cyrillic lowercase A ("a") is indistinguishable from Latin lowercase A ("a").
There is no way to tell visually that "example.com" and "example.com" are two different domain names, one with a Latin lowercase A in the name, the other with a Cyrillic lowercase A. An unscrupulous host site can use this visual ambiguity to pretend to be another site in a spoofing attack.
Just when we think we have got people aware about the dangers of Phishing and advice that says do not click on links in emails, it now becomes even more important. Now more than ever people should type in the address of the website thy wish to visit in their browser or go directly to the IP address. If you do not know what is on the website of the URL you are going to visit before you visit it or click on a link, you should ask “Why are you going there?”