Homoglyph attacks seem to come up every few years in security blogs. Replace (INSERT CHARACTER HERE) with a nearly identical, rarely used Unicode character, and voila you have a string that might fool an unsuspecting party. It's like typosquatting, but the difference between the real string and the homoglyph will likely be harder to spot than a misspelling or extra letter. This talk will cover use cases, real world examples, and a tool I am working on to easily identify discreet homoglyph URLs for your org.