Threat actors are using a Japanese Unicode character to create deceptive phishing links that mimic legitimate Booking.com URLs, tricking users into visiting malicious sites. This technique exploits visual similarities in characters, making it difficult for users to discern the real domain. Security measures are suggested to help users identify and avoid such phishing attempts.