Next time you go to click on a web link, beware. It appears hackers have come up with a crafty new way to attack unsuspecting Google Chrome, Safari, Edge and Firefox users and it’s easy to see how some are being caught out.The trick, which has been spotted by the team at Cyber Security News, sneakily replaces certain characters in web URLs to make them look like official pages. It’s a scam called typosquatting, and it’s highly effective.

For example, the website for Marriott hotels should read marriott.com. However, cyber criminals have cloned it with the m replaced by the letters r and n – so the URL reads rnarriottinternational.com. At a quick glance, those two ‘rn’ characters merge, making it look like nothing is wrong.Microsoft has also been targeted by a similar hack, along with other websites being set up that subtly change character.

Here are some examples to watch out for,

• rnarriottinternational.com (m replaced with rn)

• rnarriotthotels.com (m replaced with rn)

• rnicrosoft.com (m replaced with rn)

• micros0ft.com (o replaced with 0 – zero)

• microsoft-support.com (hyphen added)

“Attackers are registering domains that replace the letter “m” with the combination “rn” (r + n), creating fake websites that look nearly identical to the real ones,” Cyber Security News explained.

“This technique, known as typosquatting or a homoglyph attack, exploits the way modern fonts display text.”

There are a number of ways to avoid becoming the next victim of this type of attack. Firstly, always expand and check the whole URL and make sure it’s correct. It’s also a good idea to hover your mouse cursor over links before actually clicking, as this will show you the full destination URL.

If you want to make 100 percent sure the website is correct, simply type in the address from scratch. That means you can be tricked into clicking on fake links.

As Cyber Security News says, “If you receive an urgent email about a hotel booking or account reset, do not click the link”.

Finally, it’s a good idea to use a password manager as these can help spot fake website addresses.