by Ed Skoudis, Internet Storm Center
Note that this list is _not_ comprehensive, but a handy reference for some of the tricks bad guys use to fool users.
Each method looks like it goes to www.microsoft.com, but really points to www.google.com. Note that not all methods work for all browsers. Modern versions of IE do not like the %01, %00, @, and related tricks.
Regular: www.microsoft.com
Subversion (Say www.microsoft.com, link to www.google.com): www.microsoft.com www.microsoft.com
%01: www.microsoft.com
%01%00@: www.microsoft.com
IP ADDR: 216.239.41.99: www.microsoft.com
Decimal IP addr: 3639552355: www.microsoft.com
Hex IP addr: 0xd8ef2963: www.microsoft.com
Hex IP addr with dots: 0xd8.0xef.0x29.0x63: www.microsoft.com
URL Encoding as ASCII in Hex: http://%77%77%77%2E%67%6F%6F%67%6C%65%2E%63%6F%6D: www.microsoft.com
URL Encoding as Unicode: www.google.com www.microsoft.com
URL Encoding as Unicode with @: www.microsoft.com@www.google.com www.microsoft.com
URL Shortener at http://csua.org/u/: www.microsoft.com
URL Shortener at http://www.rapp.org/url/: www.microsoft.com
Mixed ASCII and Unicode: www.microsoft.com
Octal: 0330.0357.0051.0143: www.microsoft.com
Octal Long form: 000330.000357.000051.000143: www.microsoft.com