The attacker named the file executare_silita_an followed by the RTLO character. They then typed fdp.exe .
It began scanning her browser for saved passwords and banking cookies. executare_silita_an‮fdp.exe
If you hover your mouse over a file in some email clients, it may reveal the true, non-reversed name. The attacker named the file executare_silita_an followed by
Because of the RTLO character, the computer displayed fdp.exe in reverse: . it may reveal the true
In reality, the file Elena saw was a lie. The true name of the file on the server was executare_silita_an[RTLO]fdp.exe .
Elena was worried. She knew she was up to date on her taxes, but the name "pdf" at the end of the file gave her a sense of security. She clicked "Download." The Optical Illusion: The RTLO Trick