A new phishing method works by using letters from other alphabets which, to the naked eye look virtually identical in a browser.
It's not really a new-new attack, fraudsters have been using numbers, or upper / lower case substitutions for a long time. Proof of concept attacks have shown that users just can't tell the difference, particularly where an SSL certificate has been obtained. Rather alarming.
fraudsters are able to register domains with characters plucked from various alphabets other than the default Latin script. When displayed, it's all but impossible to tell apart a Greek "O" from a Cyrillic "O" from a Latin "O," for instance.