Is this a spοοf? well, yes: the two “o”s are actually Greek Omicrons.
Here is http://www.раураl.com — except that it’s written using cyrillic look-alikes for “paypa”.
It turns out that somebody [“has already thought of”:http://www.centralnic.com/registration?op=search&domain=+www.%D1%80%D0%B0%D1%83%D1%80%D0%B0l.com] that one. But unicode domain names are clearly going to lead to great excitement in this fallen world.
Actually mangling a unicode domain name into a form that browsers can parse as an url is not terribly easy. You have to convert it into something called “punycode” first, and register the punycode representation. But it can’t be insurmountably difficult for motivated crooks.
There are fixes coming out for Mozilla and Firefox, but it’s all been a little messier than one would like. (IE isn’t affected, because it doesn’t support IDN at all. There’s a thing).
This site has the best ongoing information about slapping that baby down.
Well, it’s not really a shmoo group exploit — it was well known and understood by the Unicode people about a year before anyone else noticed. I still can’t work out how to fireproof Opera, though. that makes this the first known instance of Firefox doing anything better than Opera 🙂