Warning issued to anyone who spots ‘rn’ typo trick - you’re probably being hacked

Cybersecurity experts have issued a warning about a big red flag that likely means you're being hacked.

Modern day scammers are constantly coming up with new ways of swindling money and personal details from unknowing victims - and technology advances, such as the rise of AI, has made it easier than ever.

From the classic text message and email scams to alternative methods like utilising QR codes and even malicious porn websites, there's a whole lot to be wary of.

A recent YouGov survey discovered that a whopping 11 percent of Brits say they have fallen victim to phishing scams, with more than half of victims experiencing loss of money as a result of the scam (58 percent).

And as we say, there's a new warning sign to be on high alert for - the ‘rn’ typo trick.

A clever new scam is on the rise that you need to be wary of (Getty Stock Image)

What is the ‘rn’ typo trick?

Hackers are using an 'r' and an 'n' next to each other in a URL because at a glance, together they look like an 'm'.

So, it may look like you're receiving an email from an official company, but really it's something else entirely.

This technique, known as typosquatting or a homoglyph attack, exploits the way modern fonts display text as together an 'r' and 'n' look visually indistinguishable from 'm'.

As explained by Cyber Security News, scammers rely on this visual trick 'to bypass your brain’s ability to spot errors' because when you glance quickly at a URL, your brain often 'autocorrects' any errors.

The publication outlined that phishing campaign is specifically targeting customers of Marriott International and Microsoft - so for example, a scam email may come from 'rnarriotinernational.com' - looks like an 'm', right?

Security firm Netcraft reportedly recently identified a cluster of malicious domains who have been attempting to impersonate the hotel chain, likely to steal loyalty account credentials or personal guest data.

Meanwhile, Harley Sugarman, CEO of the security firm Anagram, has highlighted a similar campaign targeting Microsoft users.

Specifically, 'rnicrosoft.com' to send fake security alerts or invoice notifications to unsuspecting customers who mistake the front of the URL for an 'm'.

It's an extremely clever trick and let's be honest, most of us don't exactly scrutinise every URL that comes into our inbox, however, this proves we need to start being more vigilant.

When placed next to each other, the letters 'r' and 'n' can sometimes like like 'm' (Google)

As per Cyber Security News, these URLs in particular have been flagged as malicious:

• rnarriottinternational.com
• rnarriotthotels.com
• rnicrosoft.com
• micros0ft.com
• microsoft-support.com

How to avoid falling for the ‘rn’ typo trick

The outlet has outlined that there are a number of ways you can stay safe - most importantly, if you're on mobile, ensuring you tap the sender's name to reveal the full email address and look closely for the 'rn' trick.

If you're using a computer, you can also hover your mouse cursor over links without actually clicking them to see the actual destination URL.

The experts also warn that if you receive an urgent email about a hotel booking or account reset, do not click the link. Instead, open a browser and type the official website in yourself.

Finally, make use of password managers, which will not auto-fill your credentials on a fake site like because it will recognise that the domain is different from the real one.