Chrome on Android shows incorrect (trimmed) domain name with no visual cue
https://ThisIsNotMyBankDomain.com/ and https://MyBankDomain.com/ would look exactly the same on the address bar in Chrome Android.
Number of characters trimmed is dependent on your device width.
Users can be easily tricked into opening longer incorrect phishing domains that would look exactly the same as original domains.
Sample screenshot - https://imgur.com/a/DBlFiLt (someone visiting http://internetdownloadmanager.com can be easily tricked into believing they opened http://tdownloadmanager.com )
While other browsers trim to the right of long domain names, with visual cue that the displayed domain name is not complete, Chrome trims to the left leaving no visual indication that the user is seeing a partial domain name.
Chrome's earlier attempts on messing with the address bar - https://arstechnica.com/gadgets/2021/06/google-chrome-ends-its-war-on-address-bar-urls-for-now-at-least/
No comments yet.