In recent years, spoofing attacks to illegally obtain user information, in particular banking or payment details of a user, have become a more prevalent.
A spoofing attack (or event) is a situation in which a person or program successfully masquerades as another person or entity by falsifying data, thereby to obtain personal and confidential information of a user. Web page spoofing, or phishing, is a security attack where a legitimate web page, for example a bank or on-line vendor web site, is reproduced with similar characteristics of the original authentic web page, on another server under the control of an attacker. The attacker aims to mislead a user into believing that the user is connected to a trusted web site. Should the user enter any information on the spoofed web site, such as a username, password or banking information, the attacker would obtain this information and succeed in a security breach.
Phishing attacks may be performed with the aid of URL spoofing, where web browser bugs are exploited in order to display incorrect URLs in the browser's location bar. Alternatively, DNS cache poisoning may be used in order to direct the user away from the legitimate site and to the fake site.
The risks associated with spoofing and phishing attacks have been increased by the use of form fill applications, which provides user information for multiple predefined fields on a user interface or web page that has to be filled in.
To address the risks posed by spoofing and phishing attacks some applications make use of icons on toolbars to indicate that a web page is fraudulent. However, as these icons or toolbars are small and insignificant, users rarely pay attention to them and may even ignore them when providing a form fill instruction.