Unusual file names and links are common signs of phishing attacks. But hackers are now using visually similar characters from foreign alphabets to trick even tech-savvy users into clicking.