It wasn't so much the simple "fake" extension that's of concern, it's the latter part of the article that spoofs the hosts file for instance, using seemingly identical unicode chars.