Google Chrome users vulnerable to phishing scam that uses a fake address bar

Fisher says that the scam could be made more sophisticated, by making the fake bar interactive.


A security vulnerability in Google Chrome browser reportedly allows malicious users to launch a phishing attack using a fake address bar.

The bug, as discovered by James Fisher, leverages how the Chrome mobile app disappears the address bar when you scroll down.

The exploit, as Fisher calls 'The Inception Bar' method, can be used to display a fake address bar that won't disappear until you go to another site, Engadget reports.

Google Chrome browser on an Android device.

Google Chrome browser on an Android device.

The exploit goes further to restrict you from seeing the real address bar when you scroll up. Although Fisher has demonstrated a proof of concept, the bug could theoretically allow large-scale phishing campaign to steal user information.


Find latest and upcoming tech gadgets online on Tech2 Gadgets. Get technology news, gadgets reviews & ratings. Popular gadgets including laptop, tablet and mobile specifications, features, prices, comparison.