Address bar spoofing

Address bar spoofing is a technique which makes a malicious URL appear like a legitimate one on the address bar. Earlier observations of pop-up address bar spoofing on Internet Explorer® showed that the address bar was padded with special characters to show only a portion of the complete URL or the legitimate website’s address.

Address bar spoofing is especially risky for users who visit websites that handle sensitive information of a user, such as online banking, shopping, or social media sites.

Given the limited screen size of mobile phones, checking the complete URL of a site becomes challenging. The URL displayed within search results are also either shortened, or only includes the main domain. In 2013, Trend Micro found a spoofed PayPal mobile site that was used to phish information from its victims. Then in 2014, a banking Trojan capable of spoofing the URLs in the address bar in order to steal information was found targeting South Korean banks.