[asciiresort]

It poses a security risk and exploited to phish people.

Modern Browsers sanitize punycode, not so sure about bespoke browsers that live inside other mobile apps