Android users beware; there is a new potential flaw with google chrome that could lead to phishing attacks. The flaw, which was discovered by developer James Fisher, could lead to Android users landing on fake websites.
Phishing is the fraudulent practice of disguising a website in order to obtain sensitive information, such as usernames, passwords and credit card information from a user. As found by James Fisher, when using Google Chrome on an Android device, when scrolling down, the address bar vanishes.
Attackers can use this vulnerability to show a fake URL that remains on the page, even when another page is visited. The fake bar shows a real web address, tricking the user into believing they are on a safe webpage. This method allows malicious websites to steal information by forcing to user to remain on the page.
Many were fearful of this vulnerability once developer James Fisher pointed it out. However, it appears Google has since fixed this issue. Still, it is important to pay attention to a webpage’s starting web address before scrolling, in order to avoid potential phishing attempts.
Via USA Today