Schemes to fraudulently acquire another person's credential and password information have become common on the Internet. Such schemes are commonly referred to as “phishing”. Phishing schemes can be quite elaborate. In some schemes, a user is diverted from a desired page to a fraudulent page that is plausibly similar in appearance to the desired page. The user may be led to this type of fraudulent page by clicking a link, by incorrectly typing a web address, or by any other mechanism. Other schemes can be based on a user being convinced to visit a fraudulent page based on incorrect information, such as an e-mail purporting to be from a known business. In still other schemes, a user may correctly enter information to visit a desired site, but the user can be re-routed due to a corrupted server. When a user is presented with a login and password prompt, the user often has little or no context with which to evaluate whether the request for a login credential is legitimate. This makes phishing schemes difficult for a user to detect.