[ad_1]
Fake login pages are a common way to identify login information for users. If a website looks legitimate, it is easy for your muscle memory to start and for you to start typing your username and password without checking that the URL is correct (or that the website is legitimate). Complicating things is a new problem, recently described by developer Jim Fisher, which shows how easy it is for a website to use a fake address bar to make you believe that you are somewhere.
Usually, you can take a look at the padlock icon to the left of the address bar to determine whether a website is genuine or not. However, do not trust this little graphic blindly, because phishers have developed a way for mobile web pages to display fake URL bars in Chrome with the lock icon. and a replacement URL. This "Start Bar", as its name indicates, replaces the actual address bar in your browser window. If you are not careful, you can assume that your browser is working as expected.
All this trick is possible because the user interface of the mobile version of Chrome often disappears when you scroll down a page, and website developers can replace and prevent the user interface, including the bar of URL, to reappear. As Fisher describes it:
It's bad, but it's getting worse. Normally, when the user scrolls up the screen, Chrome will again display the real URL bar. But we can fool Chrome so that it never re-displays the real URL bar! Once Chrome has hidden the URL bar, we have moved the content of the page into a "jail scroll", that is, a new overflow element: scroll. Then the user thinks he is scrolling up the page, but in fact, he just scrolls through the prison with scrolling! As in a dream in Inception, the user thinks he is in his own browser, but he is actually in a browser in his browser.
But it's even worse! Even with the "Scroll Prison" above, the user should be able to scroll through the top of the prison. At this point, Chrome will display the URL bar again. But we can also disable this behavior! We insert a very high filling element at the top of the scroll prison. Then, if the user tries to scroll through the padding, we scroll them up to the beginning of the content! This looks like a refresh of the page.
Google is working on fixes for this clever coding, but you still have some tips to reveal these pesky introductory bars:
- You can force the Chrome app to display the user interface, even if the website is blocking it normally. All you need to do is lock your phone screen when the Chrome app is open, then unlock it. This resets the Chrome application window so that the user interface is displayed. If the URL is a fake, two URL bars display: one at the top is the real URL and the other at the bottom, the bar of creation.
- If you are browsing with multiple tabs open, keep a close eye on the number displayed in the tabs icon. Start bars often display incorrect numbers here.
- The new dark mode of Chrome Android also facilitates the detection of creative bars. When dark mode is enabled, the URL bar and the other elements of the UI are black. White (false) URL bars are therefore easier to spot, or vice versa, if you use the classic Chrome UI theme and the false URL is black. This is also true when you use Drive mode, simpler UI modes, or alternative themes in Chrome Mobile that change the appearance of the URL bar.
[ad_2]
Source link