Board Beginners & Help
Merits 3 from 3 users
Re: What is Punycode and how to protect yourself from Homograph Phishing attacks?
by
Henri Cartier
on 13/09/2019, 08:09:10 UTC
⭐ Merited by DdmrDdmr (1) ,wwzsocki (1) ,pooya87 (1)
Nice and informative article @wwzsocki. I found an article where it says how to avoid Punycode attacks and also who all are affected by that. I would like to include that here. Some of the examples of Punycode attacks with big brands -






Check the 7 Ways to avoid a Punycode attack -

  • Be cautious if the site presses you to do something quickly. This is a classic strategy by hackers to rush their potential victims so that they are less likely to notice anything suspicious. Often they will offer a ‘limited time only’ deal, and make it difficult to exit the page with ‘are you sure you want to exit’ pop-ups: these are all tactics to make you stay on their site longer and give them your details.
  • If you are being offered a deal, go to the original company site and check if it’s available there as well. If not, it’s most likely a scam doing its best to mimic the established brand and trick visitors into handing over their details.
  • If some of the letters in the address bar look weird, or the website design looks different, rewrite it or visit the original company URL in a new tab to compare. The letters in the address bar looking strange is a key indicator that punycode is being used to trick you into thinking you are visiting a well-established brand site when in fact you are being taken to a malicious site.
  • Use a password manager; this reduces the risk of pasting passwords into dodgy sites.
  • Force your browser to display Punycode names; this option is available in Firefox.
  • Click on the padlock to view and inspect the HTTPS certificate.
  • Use a mobile security solution and artificial intelligence to monitor all data traffic and to detect and block phishing links.


Source: Punycode attacks - the fake domains that are impossible to detect
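
Added example, not part of the post above or of the article it cites: a small Python check that does by script what the tips on "weird" letters and on displaying Punycode names do by eye. It converts each hostname label to its `xn--` form and reports which scripts the label mixes. It is simplified: it skips the IDNA mapping step and takes the script from the first word of the Unicode character name, and the sample hostnames are constructed.

```python
import unicodedata

def script_of(ch):
    """Approximate a character's script from the first word of its Unicode name."""
    if ch.isascii() and not ch.isalpha():
        return "COMMON"          # digits and hyphen carry no script
    return unicodedata.name(ch, "UNKNOWN").split(" ")[0]

def inspect_label(label):
    """Describe one DNS label given either as Unicode or as xn-- Punycode."""
    label = label.lower()
    if label.startswith("xn--"):
        try:
            # Decode so we see what the address bar could render.
            shown = label[4:].encode("ascii").decode("punycode")
        except UnicodeError:
            # Malformed Punycode: keep it flagged for manual review.
            return {"ascii": label, "shown": None, "idn": True,
                    "scripts": [], "mixed": False}
    else:
        shown = label
    if shown.isascii():
        ascii_form = shown
    else:
        ascii_form = "xn--" + shown.encode("punycode").decode("ascii")
    scripts = sorted({script_of(c) for c in shown} - {"COMMON"})
    return {"ascii": ascii_form, "shown": shown, "idn": not shown.isascii(),
            "scripts": scripts, "mixed": len(scripts) > 1}

def inspect_host(host):
    """Return (ascii_hostname, per-label findings, needs_review flag)."""
    labels = [inspect_label(part) for part in host.rstrip(".").split(".") if part]
    ascii_host = ".".join(item["ascii"] for item in labels)
    return ascii_host, labels, any(item["idn"] for item in labels)

# Constructed samples: U+0430 is CYRILLIC SMALL LETTER A, which renders like Latin "a".
SAMPLES = ["example.com", "\u0430pple.com", "xn--pple-43d.com"]

if __name__ == "__main__":
    for host in SAMPLES:
        ascii_host, labels, review = inspect_host(host)
        print(f"{ascii_host:24} review={review} "
              f"scripts={[item['scripts'] for item in labels]}")
```

A label written entirely in one non-Latin script is reported with `idn` set but `mixed` unset, so the `xn--` form is still the thing to compare against the brand's real domain.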