Attackers commonly rely on misleading users into thinking they are looking at information from a known and trusted source. One way attackers have done this in the past is to hide the true URL information and domain name from users by providing specially crafted URLs that appear to be from different Web sites .
To help limit this type of attack, all Internet Explorer 7 and later browser windows now require an address bar. Attackers often have abused valid pop-up window actions to display windows with misleading graphics and data as a way to convince users to download or install their malware . Requiring an address bar in each window ensures that users always know more about the true source of the information they are seeing.
Was this article helpful?