Chinese researcher Xudong Zheng has reported about an “almost impossible to detect” phishing attack that can be used to trick even the most careful users on the Internet. Exploit vulnerability in Chrome, Firefox and Opera web browsers to display fake domain names as the websites of legitimate services, like Apple, Google, or Amazon. Google has already patched the vulnerability in its experimental Chrome Canary 59 and will come up with a permanent fix with the release of Chrome Stable 58, set to be launched later this month.
Source: https://thehackernews.com/2017/04/unicode-Punycode-phishing-attack.html