I have received a phishing email yesterday and I nearly clicked on the link masquarading as a Citibank site. Thank goodness suspicion hit me and I checked the URL. It was close and phishing emails are really dangerous. Then this got me thinking. Isn't there a way that we can make the browser protect us? Can we have a warning system of sort?
I am reading this paper titled The Battle Against Phishing: Dynamic Security Skins and it gives me some ideas as to how to design a security alert system. However, nothing concrete yet. I am wondering whether it is possible to have 1) a standalone Firefox extension without any server change, or 2) a client-server alert generated on the webpage itself.
Extra: Red wine goes well with CSI...
